The votes are in for the 2025 FedScoop.

See the winners!

Carr: FCC must continue freeing up spectrum for 5G

The Federal Communications Commission must continue to free up wireless spectrum, often used by federal agencies, for commercial 5G services if the U.S. wants to maintain its leadership in the space ahead of competitors like China, said Commissioner Brendan Carr.

The senior Republican on the commission proposed a spectrum calendar to free up and auction off airwaves as quickly as possible, during an American Enterprise Institute event Monday.

During the Trump administration, the Republican-controlled FCC opened up more than 6 gigahertz of spectrum for licensed 5G services, in addition to thousands of megahertz of unlicensed spectrum, a trend Carr wants to see continued.

“We need to be clear-eyed about our spectrum policy going forward,” Carr said. “Whether we like it or not, freeing up more spectrum requires FCC leadership that accumulates political capital and has the willingness to spend it.”

Carr’s spectrum calendar for 2021 calls for:

In 2022, Carr wants the FCC to hold an auction for the 1300-1350 MHz band, which federal agencies could vacate by next year, and another auction in the 42 GHz millimeter wave band.

For 2023 and beyond, Carr envisions auctions in the lower 3 GHz band; 4.8 GHz band, which other countries have licensed exclusively for 5G; and portions of the 7.25-8.4 GHz band.

As for 5G infrastructure, Carr wants the broadband maps Congress gave the FCC $98 million to complete finished this fall and not next year.

“Getting those maps is the key to unlocking the funding that will be needed to close the digital divide,” Carr said. “If we need to allocate more agency resources to this effort, then we should do it.”

Carr desires a version 1.0, minimalist approach to the maps to streamline the process. They need only contain information needed to allocate money from the Rural Digital Opportunity Fund Phase II and 5G Fund, Carr said.

The Republican-run FCC practiced a “light touch” approach to infrastructure regulation, and the Democrat-led FCC should continue to make it easier to build 5G infrastructure on federal lands, Carr said. A Federal Lands Desk should be designated to coordinate with federal agencies, he added.

Carr also urged the creation of thousands of tower technician and telecommunications crew jobs in partnership with trade schools and cautioned against subsidizing “overbuilding” in the form of new entrants in the 5G space.

Restoring net neutrality, which would prevent internet service providers from charging different rates depending on the type of communication, is a big issue for Democrats. The Republican-run FCC overturned those protections, and Carr argued the successful performance of U.S. networks during increased pandemic traffic levels was proof it was the right decision.

China has seen a 40% reduction in download speeds, and European countries asked Netflix to reduce its video quality during the pandemic, Carr said.

“We should also see the push for the return to Title II Net Neutrality for what it is: a push for rate regulation,” he said. “Those backing this misguided policy simply refuse to accept the reality that the internet has flourished since we repealed the ill-advised Title II regulations.”

Army working on new cyber, electromagnetic weapons after large-scale test event

The Army recently concluded a large event that tested new cyber and electromagnetic spectrum weapons in its tactical operations.

The event, Cyber Quest 2021, was hosted by Army Futures Command and brought in users from across the service to test 15 new technologies from more than a dozen vendors, senior leaders told reporters Monday. Many of the lessons learned from the 13-day event will be put into procurement requirements documents for new technologies the Army is focused on as part of its broader strategy to deter great power conflict.

“This is unique because of the dialog it allows,” said Maj. Gen. Neil Hersey, commanding general of the Army Cyber Center of Excellence that helped lead Cyber Quest. Hersey said the partnership with industry was a rare opportunity to get new tech into the hands of on-the-ground operators and allow for vendors to receive feedback.

One of the new parts of the annual exercise was a close partnership with the Army Maneuver Center of Excellence at Fort Benning in Georgia. It’s a partnership that’s expected to continue as the Army tries to ramp up the development of robotic vehicles and operations that will rely on networking units together.

“The exercise really is the first of its kind that we have done,” Hersey said on a call with reporters.

One of the exercises during the event had a platoon of soldiers tasked with defending an airbase in the Indo-Pacific against a simulated attack. The team was able to operate anti-jamming radios and track enemy movements by their electromagnetic signatures.

Troops on the ground used new tools to detect enemies, send data back up the chain of command, have it analyzed and then sent back — something that often takes longer than they can afford. Soldiers were even able to link a small drone to their network to inform movements.

Building anti-jamming radios and other electromagnetic-spectrum manipulation tools is a new tech-focus for the military after two decades of relatively low-tech conflict. The Department of Defense sees these types of tech as critical in thwarting war with China, the U.S.’s No. 1 strategic competitor. U.S. military leaders anticipate China would be very technical in its maneuvering, deploying cyberattacks, satellite jamming and network interference in a battlefield scenario, something American forces have not recently experienced.

The Army also tested the use of an offensive cybersecurity measure of using code that can mask some of the signatures of an American-led cyberattack. The highly secretive tool is one of the ways the U.S. wants to ensure its offensive measures are not traced back to the homeland, Col. John Transue, acting director for Army Cyber-Capability Development Integration Directorate (C-CDID).

The code uses pattern recognition to obfuscate the digital signatures left by cyber warriors. Developed by Accenture, it would not only be used by the Army but across the cyber workforce and be able to be “changing from mission to mission,” Transue said.

The larger tests during Cyber Quest 2021 will play an important role in the Army’s drawn-out acquisition process. 

“The testing that goes on helps inform the requirement documents,” Col. Chris Haffey said on the call with reporters.

The tests are one way to talk directly with industry and have soldier feedback on products within the confines of the traditional acquisition process, moving the military away from arduous and complex requirements-writing.

“This year was about seeing what we could do together,” said Maj. Nelson Reynolds, a United Kingdom exchange officer stationed at Army Futures Command who worked on Cyber Quest.

Government agencies harness RPA ‘bots’ to build capacity, improve services

Federal and state government workers are beginning to benefit from a growing army of digital robots designed to streamline agency workloads and quicken the delivery of public services.

The robots — or more accurately, robotic process automation (RPA) applications — are gaining widening adoption across government agencies, according to a new survey of federal and state government business, program and IT officials.

robotic process automation

Read the full report.

More than 6 in 10 federal respondents — and 4 in 10 state respondents — in the survey said their agency now uses RPA technology to facilitate work. And it appears the momentum for using RPA technology is building quickly in government. Of those at agencies putting RPA to work, two-thirds have begun piloting, or deploying RPA within the last 12 months.

The findings are based on a new survey, completed by 167 prequalified executives at federal and state government agencies, responsible for their agencies’ business, program or enterprise operations, including IT, customer service and acquisition officials. The survey was conducted by FedScoop and StateScoop, with underwriting support from UiPath, a leading provider of RPA software solutions

Among other key findings:

Because RPA requires little or no coding, and can be deployed with minimal training, it is relatively easy for employees to apply it successfully to automate all kinds of business processes and online services, according to James Walker, chief technology officer for public sector at UiPath.

The study suggests that once RPA’s benefits are demonstrated in one area, it opens up consideration for uses elsewhere.

But RPA also provides a way to help budget-constrained agencies boost capacity, observed Walker. “Automation can begin to liberate agency staff from repetitive, lower-valued — but necessary — work and enable them to focus on higher-valued tasks needed to achieve their mission.”

Read the full report, “RPA’s expanding role in government,” for the detailed findings, or contact automation@uipath.com to learn more about automating workflows.

 This article was produced by FedScoop and StateScoop and underwritten by UiPath.

Coast Guard adding Wi-Fi to cutters, tablets to command posts

The U.S Coast Guard, a year into its self-described “tech revolution,” is working to install Wi-Fi on its cutters to increase connectivity and modernizing other legacy systems in command posts.

The “underway Wi-Fi” will be added to two cutters this year in a pilot program, Adm. Karl Schultz, commandant of the Coast Guard, said in his State of the Coast Guard address last week. The pilot program, meant for vessels that are not at anchor, aims to also help guardsmen stay connected to family while deployed, a capability currently limited by the ’90s-era tech Schultz wants to replace.

The guard will also be replacing old desktops in command posts with mobile “two-in-one tablets” that will give leaders the ability to work from anywhere. Approximately 3,000 tablets will also be distributed to training centers across the country.

“At last year’s State of the Coast Guard, I announced a ‘tech revolution,'” Shultz said. “Since then, we’ve leaped-frogged ahead and — with the help of Congress — put the Coast Guard on a much better trajectory with regard to [command, control, communications, computers, combat systems and intelligence].”

The Coast Guard has struggled to modernize its systems, its leaders have said. Many of the systems that directly impact operations like countering drug smugglers or rescuing distressed vessels had to operate with limited connectivity and data. Watchdog agencies also found vessel tracking systems contained duplicate and faulty records due to a lack of automation.

Since his last State of the Coast Guard address, Schultz said the service has made some concrete progress with the launch of new apps and moving to systems that could support teleworking.

“In the past year, we’ve migrated to a cloud-based suite of collaboration tools and have increased the ability to connect our workforce, whether that be improved cutter connectivity both underway and in-port, or greatly enhanced telework capability,” the commandant said.

Much is left to be done, Schultz acknowledged. Work is still underway to modernize financial systems and other administrative tasks still largely done by hand. Schultz committed to using “big data” to further reduce costs.

The Coast Guard continues to rely on outside help for cybersecurity. About 20 cybersecurity auxiliarists — volunteers that work part-time — are now assisting on research and development projects to keep data secure from hackers, Schultz announced.

First TMF award of 2021 comes hours after watershed $1B appropriation

The Department of Labor received $9.6 million from the Technology Modernization Fund to update its enterprise data platform, less than a day after lawmakers put a historic $1 billion into the funding vehicle.

DOL will use its funds to improve the availability and accessibility of data for other agencies, developers and researchers, as well as improve evidence-based decision making across its enforcement, compliance and unemployment insurance missions.

The TMF award is also a win for the three-year-old fund itself, which had only garnered $150 million in total appropriations prior to President Biden signing the American Rescue Plan Act into law Thursday.

“Technology is a key enabler for government in providing better services to the American public,” said David Shive, chief information officer at the General Services Administration and a TMF Board member, in the announcement. “The news of the Technology Modernization Fund getting a $1 billion boost from the American Rescue Plan couldn’t have come at a better time, and the TMF Board looks forward to receiving more project proposals like this one from DOL to consider for investment.”

The TMF serves as a streamlined way for agencies to get the money they need to upgrade aging and obsolete information technology.

DOL received one TMF award previously to make its paper-based work visa application process digital in 2018 for a $2 million annual savings.

The latest award comes on TMF’s third anniversary, having funded 11 modernization projects across government to date.

“With this first project approval of 2021, the TMF Board is reinforcing its commitment to invest in federal technology modernization initiatives that enable agencies to better deliver their services to the American public,” said Maria Roat, deputy federal CIO and TMF Board member, in a statement.

How CDM data can drive federal cyber strategies

When the federal government launched its Continuous Diagnostics and Mitigation program, it was intended to give agencies the tools they needed to know definitively who and what assets were operating on their networks, with the goal of reducing cyber risks.

A growing number of agencies, however, are on the cusp of gaining a far more powerful view of their network operations and overall cybersecurity posture, says Frank Dimina, vice president, America and public sector, at Splunk, in a new report.

Read the full report.

What agencies and program leaders are starting to appreciate now, he says, is how the CDM program is generating a treasure trove of dynamically-integrated IT operating and security data, capable of helping agencies establish a more comprehensive view of their security posture.

“The added integration and analytics capability of CDM, compared to the underlying monitoring systems, is equivalent to going from looking at snapshots from a point in time, to having the fidelity of a live video feed,” says Dimina, in the new report, “Leveraging CDM to federal cyber strategies.”

The report, produced by FedScoop and underwritten by Splunk, features a series of articles and commentary perspectives that highlight how CDM is poised to help agencies improve their IT operations as well as their security.

One of the ongoing challenges agencies face — and where CDM’s automation capabilities are seen as a potent solution — lies in managing the explosion of data flowing into security and network operation centers from a widening array devices, sensors and applications, says Michael Guercio, business development and strategic program manager at Splunk. That leads to a related challenge of how to remediate a growing number of vulnerabilities.

“Remediation is still a manual process that requires IT teams to allocate valuable time and resources,” he says in the report. “That’s where one of CDM’s underappreciated capabilities comes into play. In addition to the ability to stitch together information from multiple sources, CDM’s tools also provide the ability to automate the execution of identification and potential responses, based on agencies’ most critical threats, their risk posture and their risk threshold.”

Guercio points to Splunk’s Phantom platform as example of the kind of tools available through the CDM program that are available to help agencies with those challenges.

Phantom provides an orchestration automation and response technology to help correlate data and create a single picture of the agency’s cybersecurity posture. “It also can automate remediation processes and augment existing NAC technologies across the tool stack,” he says.

“It doesn’t matter if an agency is using ForeScout, or if they’re using Cisco ISE, or even within a more federated agency’s IT organization. Phantom provides the automation of these tools into one service so that agencies have a single, easy-to-interpret view with checks and downstream actions initiated without human intervention.”

The report also highlights how CDM has helped agencies reduce operating costs, by identifying under-utilized assets and software licensing costs.

Read more about how CDM data integration and security analytics are enabling real-time visibility and operational efficiencies at federal agencies. And learn more about Splunk’s “Data-to-Everything Platform” capabilities for the public sector.

This article was produced by FedScoop and sponsored by Splunk.

Top Army general vows for new cyber talent management system

As the Army rethinks talent management, it wants to ensure that uniformed cybersecurity experts have a quick path to promotion and that they don’t end up being pushed out by the service’s strict physical standards, its top general said Thursday.

The Army wants its new talent management system to focus on skills and career paths like cybersecurity that are not necessarily related to physical combat. Gen. James McConville, chief of staff of the Army, told reporters Thursday during a call with the Defense Writers Group that the Army is in the process of evaluating the Army Combat Fitness Test (ACFT) and rank promotion process in part to make sure that tech talent can stay in uniform longer.

“If you are a cyber whiz, maybe you do not have to have a 600 on the test,” he said, referring to the top score for the new ACFT. “[W]e are going from an industrial age personnel management system to a 21st-century talent management system.”

Under the ACFT, introduced late last year, fitness requirements are set by occupation, one change made to move towards a system that can retain soldiers with a diversity of skills.

McConville also said the Army needs new ways to reward and promote cyber personnel in the enlisted ranks. He described a soldier he met as “one of the best in the world at cyber,” but added he was only a sergeant, a rank he felt did not reflect his experience and talents.

McConville sees changing compensation and promotion based on domain-specific talent as the future for the Army.

“We don’t want to disenfranchise any of these people in the Army,” he said of soldiers with technical skills who can run into roadblocks in a system designed to promote those with battlefield strengths.

The Army has a talent management task force charged with finding ways to promote and retain new skill sets to meet new challenges. The task force is also working to eliminate unconscious bias in promotions. It has already rolled out changes for field-grade officers, like colonels and majors, that can guarantee certain career paths to not waste talent. Now, it is piloting new ways to promote enlisted soldiers including new rubrics for testing and interviews and shifting authorities to local commanders that have a better sense for squad cohesion.

Other ongoing Army talent initiatives include new technology education options for officers, like courses in artificial intelligence and machine learning.

ATARC intends to merge agency and vendor zero trust working groups

The Advanced Technology Academic Research Center’s parallel zero trust working groups for federal agencies and vendors intend to merge once the government side establishes use cases.

A merger will allow the more than 15 agencies and 15 vendors participating to begin zero trust logistics and building and showcasing proofs of concept, said Gerald Caron, director of enterprise network management in the State Department‘s Bureau of Information Resources.

Caron co-chairs the agency working group and developed a zero-trust architecture that subgroups are using to define use cases.

“While the government is doing their deliveries and getting level set on requirements and architectures and definitions and concepts and use cases … we are feeding that to the vendors, so they can get started,” Caron said during an ATARC event Thursday.

Caron helped stand up ATARC’s Trusted Internet Connection 3.0 Demonstration Center, a physical test environment allowing federal agencies to try out cloud and infrastructure solutions for securing their networks.

With ATARC’s TIC 3.0 Working Group deemed a success, its members were grandfathered into the Zero Trust Working Group “because we believe TIC fits into the overall architecture of zero trust,” Caron said.

Continuous Diagnostics and Mitigation (CDM) Program Manager Kevin Cox has further agreed to join the working group and work with its members as his program transitions toward a zero-trust concept. That way the CDM program will get direct feedback from government officials and vendor representatives.

And Federal Chief Information Security Officer Chris DeRusha will have someone from his office participate in the working group as well.

“Having those two entities, I think, makes this working group pretty powerful — for lack of a better term,” Caron said. “It’s great participation, and we’re really influencing the government at this point.”

The working group will demystify zero trust by providing technical requirements agencies can use, said Trafenia Salzman, security architect at the Small Business Administration.

“It’s really helpful as an architect or an engineer or an analyst to be able to implement that in your environment,” said Salzman, who co-chairs the Zero Trust Working Group.

Salzman’s team at SBA is currently inventorying security tools and gathering information on processes before it implements a zero trust plan for the agency.

Meanwhile Caron is helping implement zero-trust infrastructure at the State Department and also serving as acting chief information officer for the Department of Health and Human Services Office of Inspector General.

HHS OIG is also inventorying security tools with plans for a multi-year, multiple project zero trust program.

“I’d rather be effective than compliant, so I think zero trust really focuses on effectiveness because you focus on what you want to protect,” Caron said. “I really believe in that, and compliance can fall into place as you go.”

Biden promises federal website for finding COVID-19 vaccines on May 1

Editor’s Note: This story has been updated with information on the U.S. Digital Service’s involvement and federal technology teams supporting vaccination scheduling.

President Biden teased a new federal COVID-19 vaccine website, capable of showing users places with vaccines available nearest them, during his first prime-time address Thursday.

Biden directed all states, tribes and territories to make all adults eligible for vaccination no later than May 1, when the site will launch.

The existing Department of Health and Human Services-run vaccines.gov provides general information on who is eligible for a vaccine and when they might expect to get vaccinated, but it can’t help users find places with vaccines available.

“At the time that everyone is eligible in May, we will launch with our partners new tools to make it easier for you to find the vaccine and where to get the shot — including a new website that will help you first find the place for you to get vaccinated and the one nearest you,” Biden said. “No more searching day and night for an appointment for you and your loved ones.”

The U.S. Digital Service, government’s fix-it team, “is engaged on the effort” but can’t provide additional details at this time, a spokesperson told FedScoop.

A call center will be stood up alongside the website to accommodate people without internet access or technical savvy.

The website will not let users schedule vaccinations, and instead the federal government will bolster state and local efforts on that front.

“Since so many Americans use their state and local websites to schedule vaccine appointments, the administration will also deploy technology teams to help to improve these systems,” said Jeff Zients, White House COVID-19 response coordinator, during a briefing Friday.

In the meantime VaccineFinder.org, which the Centers for Disease Control and Prevention works with regularly, began showing locations for COVID-19 vaccines in late February, a CDC spokesperson told FedScoop.

The locations shown are either part of the Federal Retail Pharmacy Program or in Alaska, Indiana, Iowa, New York (excluding New York City), Oklahoma, Tennessee, and Utah. Provider information includes the types of COVID-19 vaccine available, contact information, hours of operation and instructions on how to get vaccinated.

White House officials anticipate having enough vaccines for every adult in the U.S. by May’s end.

“We need to make it easier for every American to get vaccinated,” Zients said. “Too often it’s too difficult, too time consuming and too frustrating for people to identify where vaccines are available and where to schedule an appointment.”

Report: CISA hasn’t reached full operating capacity yet

The Cybersecurity and Infrastructure Security Agency won’t be fully up and running until it implements its third and final phase of organizational changes, according to a new report.

While the CISA Act of 2018 elevated the agency and saw it create a new organization chart and consolidate incident response centers and infrastructure security points of contact, 57 planned tasks were incomplete as of mid-February, the Government Accountability Office reported.

Until CISA’s organizational changes are finished, it will remain “difficult” for the agency to confront national cyber incidents like the SolarWinds hack that compromised at least nine federal agencies, reads GAO’s report.

“Until it establishes updated milestones and an overall deadline for its efforts, and expeditiously carries out these plans, CISA will be hindered in meeting the goals of its organizational transformation initiative,” the report states. “This in turn may impair the agency’s ability to identify and respond to incidents, such as the cyberattack discovered in December 2020 that caused widespread damage.”

CISA planned to finish the initiative in December, and all major tasks were completed by then, according to the agency. But CISA has yet to finalize mission-essential functions of its divisions or issue a memo defining incident management roles and responsibilities.

The agency’s deputy director and chief of transformation told GAO in November that delays were due to a need to obtain buy-in from government, including Congress, and industry. Coordination between Department of Homeland Security leadership and the Office of Management and Budget also took longer than expected, delaying later tasks dependent upon earlier ones.

Tasks affecting CISA employees need to be done right, and the COVID-19 pandemic has had “minimal impact” on completion, according to officials.

GAO recommended CISA set new expected completion dates for 42 tasks past their planned deadlines while prioritizing mission-critical ones. CISA already plans to create an updated, prioritized task list and reset its overall deadline for March 2021, the agency responded.

CISA generally addressed four reforms around using data and evidence, but five around workforce planning were only partially addressed.

“Workforce planning is especially important for CISA, given the criticality of hiring and retaining experts who, among other things, can help identify and respond to complex attacks,” reads GAO’s report. “CISA did conduct an initial assessment of its cybersecurity workforce in 2019; however, it is still working on analyzing capability gaps and determining how to best fill those gaps.”

A recommendation to ensure CISA’s employee performance management system aligns with the agency’s new organizational structure and goals remains unaddressed, despite officials’ assertion to the contrary, according to GAO.

GAO recommended CISA address outstanding reforms, to which the agency responded it’s working to create performance measures and a comprehensive workforce planning strategy.

Select government and industry partners across 16 infrastructure sectors — banking and financial institutions, telecommunications, and energy among them — told GAO they had challenges coordinating with CISA.

A total of seven partners reported a lack of clarity on organizational changes, seven a lack of involvement developing guidance, five a lack of timely response, three an inconsistent distribution of information, and three a lack of access to actionable intelligence.

CISA is tracking stakeholder inquiries for timely responses and holding tailored intelligence briefings, but it needs to address the three outstanding infrastructure challenges, GAO recommended.