Marines get historic new CIO, Lorna Mahlock

The Marine Corps has quietly named a historic new CIO.

Lorna Mahlock — the first African-American woman nominated to serve as a brigadier general in the Marine Corps — is now also the service’s director of command, control, communications and computers (C4), and CIO.

Mahlock is also the Corps’ first female CIO, taking over the role in late May, her office confirmed to FedScoop.

Mahlock’s story received national coverage in the media in April after she was nominated for the promotion to brigadier general. Since then, the Senate confirmed her, but news of her appointment as Marine Corps CIO has gone uncovered.

Mahlock’s official promotion date is set for Aug. 3, and until then, her official title is brigadier general “select.”

Prior to taking over the Marines C4/CIO role, which sits under the leadership of the recently consolidated Department of the Navy CIO, Mahlock served as deputy director of plans, policy and operations, and commanding officer of the Marine Air Control Group 18 in Okinawa, Japan.

Mahlock, a native of Jamaica, was commissioned into the Marines in 1991 after immigrating to Brooklyn, New York.

She replaces Brig. Gen. Dennis Crall, who left the CIO role in February to serve in the Office of the Secretary of Defense as principal deputy cyber adviser at the Pentagon. Since then, Ken Bible, the deputy CIO, has been serving in an acting capacity.

CIO Dana Deasy sets plan to secure DOD websites

New Pentagon CIO Dana Deasy has laid out a plan to make public-facing Defense Department websites more secure for visitors by the end of 2018.

DOD has been working to bring trust certificates and encryption across its public domains up to speed with industry standards for the past two to three years, Deasy wrote in a July 20 letter to Sen. Ron Wyden, D-Ore. He hopes to be mostly there by the end of the calendar year.

“The Department is working hard to ensure DoD inspires trust among citizens and partners in its digital interactions across our missions, business, and entitlements roles,” Deasy wrote.

Wyden requested such a plan of action in a May letter criticizing DOD’s public website and email security, specifically the lack of HTTPS encryption, which ensures secure connections and prevents man-in-the-middle attacks. Without the proper trust certificates and encryption, users to many DOD websites are greeted with a frightening message that their connection isn’t private and “Attackers might be trying to steal your information.”

“Many mainstream web browsers do not consider these DOD certificates trustworthy and issue scary security warnings that users are forced to navigate before accessing the website’s information,” Wyden wrote then. “These challenges do not only impact civilians; service members accessing DOD pages from home regularly encounter security warnings and must click through such errors when accessing public DOD resources.”

In August, according to Deasy, the Joint Force Headquarters-Department of Defense Information Network (JFHQ-DoDIN) — the U.S. Cyber Command component responsible for securing the department’s thousands upon thousands of networks — will issue an order moving for the entire defense enterprise to follow the Department of Homeland Security’s binding operational directive for civilian agencies to improve website and email security.

While DOD components should be able to comply with that order by 2018’s close, Deasy said a full implementation of HSTS — the security standard by which a website forces a browser to use HTTPS — will take some more time for testing. But the Pentagon, by the end of the year, will issue a plan for rolling it out, the CIO said.

“DoD takes pride in being a leader in cyberspace and supports the need to protect information, both for the warfighter as well as the general public,” Deasy wrote.

Wyden told CyberScoop in a statement that “the Pentagon deserves credit for moving toward these commonsense cybersecurity improvements for their websites and email. The men and women of the American military, and anyone who visits a Defense Department website, will be better-protected from spammers, scam artists and spies once these changes go into effect.”

White House wants industry input on how to build its GEAR Center

The Trump administration is looking for industry help to create a public-private partnership laboratory tasked with researching how to build a better government.

White House officials want input on how to design the Government Effectiveness Advanced Research (GEAR) Center, a non-governmental applied research lab that would pilot new methods for providing citizen services and other pressing government issues, according to a request for information filed Monday.

“Through applied research and live pilot testing, the GEAR Center would connect cutting-edge thinking with real-world challenges the federal government faces in serving Americans in the Digital Age,” the RFI said.

The White House, which introduced the center as part of its executive branch reorganization plan in June, hopes to leverage private, public and academic expertise to develop operational solutions for problems like providing better service delivery, reform for IT investment, broad procurement, and federal workforce development and reskilling.

The center would deploy data science, organizational behavior and human-centered design research to address those challenges on a federal level, while possibly applying the methods to state and local government challenges as well.

The RFI details the White House’s plan to stand up the GEAR Center with initial seed funding, allowing it to operate as an independent office without long-term appropriations and market its more innovative governance solutions.

“The GEAR Center would be a public-private partnership bringing together experts in disciplines ranging from economics, to computer science, to design thinking, in order to take a creative, data-driven, and interdisciplinary approach to imagining and realizing new possibilities in how citizens and government interact,” the RFI said.

The solicitation continues: “It would provide the federal government with the opportunity to catch up with where private-sector services and capabilities are today and lay the groundwork for where Government operations and services need to be in five, 10 or 20 years.”

The RFI calls for industry and stakeholder input on what organizational structure best fits the GEAR Center, as well as what innovation area to prioritize.

The White House said in the request that the center would likely first take on the Trump administration’s efforts to reskill federal workers, especially for IT and cybersecurity skills positions, which play a prominent role in its executive branch reorganization plan.

White House officials plan on holding a late summer conference how to operationalize the center, its areas of focus in addition to reskilling efforts and how it can be funded.

Interested stakeholders have until Sept. 14 to respond.

Are flying cars ready for take-off? No, but Rep. Lamar Smith is

Every once in a while, even on Capitol Hill, our elected officials get to have a little fun. On Tuesday morning, Rep. Lamar Smith, R-Texas, showed us all how it’s done.

Under his leadership, the House Science, Space and Technology Committee convened a hearing on “urban air mobility” (flying cars). “Are Flying Cars Ready for Take-Off?” the hearing title asked, provocatively.

The short answer, of course, is no.

Despite some exciting developments — like Uber’s partnership with NASA for flying taxis or the company Terrafugia’s promise that its flying cars will be on the market next year — there’s still a lot to be worked out. In their testimonies, witnesses from Uber, Terrafugia, NASA, Bell and the Georgia Institute of Technology mentioned the many challenges that must be addressed before said “take-off” — safety, noise, air traffic control and management for dense urban areas.

It’s no small task. And, as is generally the case in areas of emerging technology, the technological challenges will be solved far before the cultural and societal concerns are settled. Picture all the rhetorical questions that inevitably arise in any hearing about drones, multiply that by 10, and you’ve got a good idea of what Tuesday’s event looked like.

It soon became clear, though, that the premise of imminent “take-off” wasn’t the point at all. Committee chairman Smith is just super into flying cars.

“Several weeks ago I was taking a walk at the Mall,” Smith said in his opening statement, “and I noticed a mother with a young son off to the side and it looked like, to me, the young son was operating a remote control car… and suddenly the wings sprouted from the side of the car and the car took off! This was the first remote-control flying car that I’ve ever seen in my life.”

So naturally, as any enthusiast might do, Smith bought one himself. “I flew it in Lincoln Park a few weeks ago and it worked wonderfully,” he said with a smile, before going on to elaborate on the specific “advantages” of the model.

“You simply push one button, and the wings come out horizontal, and you’re off the ground in 15 feet,” he said. “You can’t beat it.”

And Smith didn’t stop there — oh no — he bought (and brought) a remote-control flying car toy for each member of the committee and each of the five witnesses.

“I know a good thing when I see it,” he quipped.

Oprah moment over, Smith thanked the witnesses for sharing their expertise. “Obviously this is aspirational,” he said, “but soon to be, we hope, real-time and realistic.”

IT watchdog Dave Powner leaving GAO in August

Dave Powner, the Government Accountability Office’s director of IT management issues, will step down from the agency in August, leaving a large void in federal technology oversight.

Powner will be leaving the agency after16 years of service, Chuck Young, managing director of GAO’s public affairs, confirmed to FedScoop Tuesday

“Dave has done excellent work here at GAO and helped us improve government operations when it comes to IT issues,” he said. “We will miss him and wish him nothing but success.”

For the past decade, Powner has been synonymous with the government’s efforts to modernize its IT infrastructure and empower its CIOs to oversee technology adoption, policing agency implementation of reform efforts like the Federal IT Acquisition Reform Act, the Modernizing Government Technology Act and data center consolidation.

Following the passage of FITARA in 2014, Powner was invariably present in House Oversight and Government Reform Committee hearings on agency compliance with the law, testifying on where federal leaders strove to improve their departments and where they fell short.

He recently told Government Matters that he will join the MITRE Corp., a McLean, Va.-based federally funded research and development center.

“I greatly appreciate all the opportunities that I have been given at GAO over the years,” Powner said. “It’s a great institution with tremendous leadership and employees.”

Prior to joining GAO, Powner was director of IT and software development at Qwest Communications, before its acquisition by CenturyLink.

Young said GAO has not yet named a specific replacement for Powner.

Amazon ‘unwaveringly committed’ to government customers despite employee protests, Teresa Carlson says

As many Amazon employees protest selling facial recognition technology to the government, the head of the company’s public sector cloud computing business said the team remains “unwaveringly” committed to the U.S. government.

“We are unwaveringly in support of our law enforcement, defense and intelligence community,”  Teresa Carlson, vice president of worldwide public sector for Amazon Web Services, said July20 at the Aspen Security Forum in Colorado.

Asked if the business has “drawn any red lines” around its government work with the news of the protests of its Amazon Rekognition facial recognition software, Carlson said no.

“We provide them the tools, we don’t provide the solution application that they build,” she said. “And we often don’t know everything they’re actually utilizing the tool for. But they need to have the most innovative and cutting-edge tools they can.”

Amazon hasn’t been alone in receiving backlash from its employees and the public for supporting politically charged government programs with its emerging technologies. But it does seem to be dealing with that ethical backlash differently than some of its Silicon Valley competitors.

Microsoft also faced public scrutiny and employee protests for a blog post touting its cloud contract with Immigration and Customs Enforcement, which it said could support “deep learning capabilities to accelerate facial recognition and identification.” When word began to get out about it amid the Mexican border crisis, the company deleted the statement. The deletion was noticed by the public, and the company returned the post to normal. Microsoft has since cleared the air, saying that although the contract could support ICE’s facial recognition efforts, it currently isn’t. The company says it is in favor of government regulation of the technology.

Google has similarly stepped back its work on the Defense Department’s controversial Project Maven, the Air Force-led project through which the company offered artificial intelligence and machine learning technology to help analysts make better use of full-motion video surveillance. Thousands of Google employees reportedly signed an internal letter expressing concern over the kind of lethal power the program would grant the Pentagon. Google says it won’t renew the contract when it expires in 2019.

‘Right tools for the right job’

Speaking about Rekognition in particular, Carlson said there will always be “bad actors” and “we’ve got to make sure as a nation … people should have a voice and tools should always be used ethically.” She acknowledged there are also “ethical use rights” behind such products, “so when the government signs up with us, they still have to have ethical use rights of our tool. So if they’re breaking the law, they’re doing something, we would pull that for those reasons. And they sign up and they know the use rights of our tools as well.”

“Rekognition is such a great tool and it’s being used for such great things,” she said, pointing to a nonprofit group called Thorn that uses the facial recognition technology for its Spotlight tool to “find children who are being sexually exploited.” Carlson explained how challenging — both emotionally and logistically — that process can be, saying “If you can use [artificial intelligence] and machine learning tools to automate that process through recognition of children, that’s a good thing.”

Carlson stood firmly behind her belief that it is in the United States’ best interest to sort out the ethics of emerging technologies, because “we cannot let our adversaries have better tools than we have to defend our nation. So I think that’s where we stand in terms of the right tools for the right job when it’s necessary.” At the same time, she also reasoned, “employees need a voice.”

AWS, meanwhile, is a strong contender for the Defense Department’s landmark, multibillion-dollar Joint Enterprise Defense Infrastructure commercial cloud contract. While that contract has hit a bit of a pause of late as new CIO Dana Deasy conducts a “full review” of the acquisition, Carlson sat down recently with FedScoop for an exclusive interview to discuss how AWS hopes to support the Pentagon and why she believes its decision to pursue a single award “is a good thing.”

Citizenship agency rolls out digital FOIA receipt to all requesters

File a Freedom of Information Act request with the U.S. Citizenship and Immigration Services, and you can now expect a response to that request online.

This is the latest expansion of the agency’s new Freedom of Information Act Immigration Records SysTem (FIRST) — a system that will “eventually” allow requesters to navigate the entire FOIA process digitally. FIRST is being rolled out in “phases,” though, so currently any initial FOIA requests still need to be made via fax, mail or e-mail.

After that first contact, though, “requesters can track the status of their FOIA cases and will receive email notification when USCIS has uploaded their records” through an online account with myUSCIS.

“When FIRST is fully operational this September, requesters will be able to use a completely digital FOIA/PA system, from online submission to retrieving and downloading responsive documents,” a press release states.

FIRST launched in May but was initially only available only to individuals with an immigration court date pending. The expansion of the service to all requesters, the agency says, will cut back on the “time and expense associated with receiving requests by mail.”

Online information processing may help USCIS reduce its significant FOIA backlog. According to data from the FOIA Project, the backlog tripled in the two year period between 2014 and 2016 — from 17,998 unanswered requests to 46,550 unanswered requests.” The agency still has about 47,000 cases pending.

House bill would make DHS’s CDM cyber program law

A new House bill aims to codify the Department of Homeland Security’s signature cybersecurity program.

Rep. John Ratcliffe, R-Texas, introduced the Advancing Cybersecurity Diagnostics and Mitigation Act, which aims to make the continuous diagnostics and mitigation program a systemic requirement for DHS.

DHS established the CDM program in 2012 as an agile, automated program that monitors federal networks and provides continuous cybersecurity protection.

The new legislation calls on the DHS secretary to “regularly deploy new technologies and modify existing technologies” to update the program, offering its cybersecurity resources to all federal agencies and report systemic cyber risks based on data collected by the program.

The bill also requires the DHS secretary to develop a comprehensive CDM strategy within 180 days of enactment and deliver a report to the Senate Committee on Homeland Security and Governmental Affairs and the House Committee on Homeland Security within 90 days outlining the federal government’s cyber risk posture based on data collected by CDM.

Ratcliffe, chairman of the House Cybersecurity and Infrastructure Protection subcommittee, said in a statement that the bill would ensure that CDM stays in stride with the evolutions of cybersecurity technology.

“Our goal with this new legislation is to help boost the long-term success of the CDM program by ensuring it keeps pace with the cutting-edge capabilities in the private sector,” he said. “We’re also safeguarding agencies from getting stuck with technologies that will soon become outdated or unsupported by their vendors.”

CDM is in the midst of awarding new contract capabilities as part of its DEFEND program, while also working on the data protection solutions it will offer as part of its Phase 4 of that program. Phases 1, 2 and 3 addressed asset and user management and data dashboards to monitor network activity.

Former 18F leaders Rebecca Piazza and Sarah Milstein join Nava PBC

Two former 18F executives are joining the leadership team at Nava Public Benefit Corporation, a Washington, D.C.-based civic tech startup.

Rebecca Piazza and Sarah Milstein will take on the roles of vice president of program delivery and vice president of business development, respectively, the company announced Tuesday. Piazza was most recently serving as executive director at 18F — she left the government digital services group at the end of June. Milstein, meanwhile, comes directly from a role as 18F’s head of sales and marketing.

“Rebecca and Sarah’s deep experience in program delivery and operations will take
Nava’s strong track record of building top-caliber digital services to the next level,”
Rohan Bhobe, CEO and co-founder of Nava, said in a statement. “Government
services can and should be simple, effective, and accessible to all, and I am thrilled that
Rebecca and Sarah are joining us to achieve this vision.”

Both Piazza and Milstein told FedScoop that Nava’s public benefit mission was what drew them to the company.

“I’m excited that it’s looking at more than just the company’s perspective,” Piazza said. “It’s really looking at having that mission toward the public, and toward the government, to improve government services and improve access to benefits.”

Piazza is also excited to keep working with government, if from a new perspective.

“I have spent my entire career working to improve government’s use of technology, both
inside and outside the government, and have seen the benefits and challenges of both
perspectives,” Piazza said in a statement. “I am excited in the role that Nava can play as a public benefit corporation that is accountable for social impact, and its ability to put the government’s
interest first while providing the scale and speed of a contractor.”

Nava, which was founded in 2013, grew out of a team that initially existed to help fix the infamous Healthcare.gov failure. Today, the company works with the Department of Veterans Affairs and the Centers for Medicare and Medicaid, while still supporting Healthcare.gov.

As a company, Nava measures its “social impact.” This, according to Bhobe, means that it’s not just offering the latest shiny tech to government agencies but also taking a long-term view on how updated digital services can help agencies better deliver on their missions. “We’re here to build better foundations,” Bhobe told FedScoop.

“Constant change is a feature of the world that we live in now,” he added. “The challenge for government is not how do we make a better product, but how do we make sure that we’re always in a position to be adaptable to people’s needs.”

Government doesn’t just need modern digital services now — it needs better capacity, too, so that it can continue to modernize.

Nava’s philosophy on supporting continuous modernization is, in many ways, similar to the philosophy that drives organizations like the U.S. Digital Service, 18F or the Presidential Innovation Fellows program to bring tech talent into the federal service. It should come as no surprise, then, that Nava is an attractive place for  talent from those organizations to end up after their “tours of duty.”

Piazza and Milstein aren’t the first former 18F-ers to join the company in recent months. Jacob Harris joined as a senior software engineer at the end of February.

Milstein described the flow as a kind of virtuous circle.

“It’s a total success for 18F and for Nava and for the American public if people are taking that public service and continuing with it from a different kind of a company, but continuing to serve the American public,” she said.

National Quantum Initiative would cost $1.1B over 4 years, CBO says

The Congressional Budget Office has put a price tag on a new effort to coordinate federal quantum information science research.

The office said Friday that the National Quantum Initiative bill introduced last month by Rep. Lamar Smith, R-Texas, would cost $1.1 billion to implement in the next four years.

The bill proposes to establish a National Quantum Coordination Office inside the White House’s Office of Science and Technology Policy to help coordinate research between agencies, serve as the federal point of contact and promote private commercialization of federal research breakthroughs over the next decade. It also calls for better research sharing with the private sector to advance quantum development, standardization and focused workforce initiatives.

The CBO, which assesses the cost estimates of proposed legislation, said in its report that the bulk of the costs would come from increased QIS research funding to the Department of Energy, the National Institute for Standards and Technology, and the National Science Foundation.

The report estimates it will cost $125 million annually for QIS research centers within the DOE to conduct basic research on quantum solutions, $80 million to expand NIST research into commercial development of quantum applications and another $50 million for the NSF to organize and operate a research and education program that includes federal grants for colleges and universities.

The CBO also said the National Quantum Coordination Office would likely cost $1 million annually and employ five staff members to help coordinate the research efforts the office is tasked with, based on established offices of similar size.

The bill is not expected to add net-direct spending or on-budget deficits after 2029 because it has a provision to sunset 11 years after enactment.

Though a July 2 Congressional Research Service report estimated that the government spends between $200 million and $250 million on QIS, officials recently testified about the need of increased funding for workforce and software development programs to facilitate the development of the nascent technology.

QIS has been largely discussed for its theoretical potential to dramatically increase computing power, but also for opportunities to develop more secure and reliable communications and navigations systems.