HHS names new acting CIO
Beth Killoran will take over HHS CIO responsibilities in the absence of Frank Baitman. (HHS)
The Department of Health and Human Services named Beth Killoran acting deputy assistant secretary for information technology and chief information officer.
Killoran will take over the CIO responsibilities in the absence of Frank Baitman, the FedScoop 50 Golden Gov winner who stepped down from the role at the end of November, Colleen Barros, HHS’s acting assistant secretary for administration, announced Tuesday in a note to staff obtained by FedScoop.
Currently HHS’ acting deputy CIO and executive director for the Office of IT Strategy, Policy and Governance, Killoran will continue serving in her prior roles as she takes her acting CIO post, the note suggests.
“Despite a heavy workload, Beth Killoran, Acting Deputy Chief Information Officer and Executive Director for the Office of IT Strategy, Policy, and Governance has agreed to serve as the Acting Deputy Assistant Secretary for Information Technology and Chief Information Officer for the interim following Frank Baitman’s departure,” Barros wrote in her note. “I am deeply appreciative of Beth’s willingness to help us through this period.”
Prior to joining HHS, Killoran spent 11 years at the Department of Homeland Security in a variety of IT leadership roles “in different parts of the organization including Under Secretary for Management, Office of the Chief Information Officer, Citizenship and Immigration Service, and Customs and Border Protection,” Barros’ note said.
She will pick up — at least in the interim — where Baitman left off, having achieved measurable success in moving services like email to the cloud, consolidating systems across the enterprise and launching a virtual desktop pilot. She also takes over the role as agencies look to implement strategies that adhere to the Federal Information Technology Acquisition Reform Act, which calls for centralizing IT budget power under department CIOs. HHS received a D grade in early November from the House Oversight and Government Reform Committee for its initial plans.
Why is satisfaction so low among federal IT workers?
Federal IT personnel are less satisfied with their work than many of their peers, according to a ranking out this week, and several executives close to the federal IT community say senior leadership may be to blame.
Federal IT and cyber personnel reported a 56.2 percent satisfaction rate, nearly two points below the improved governmentwide score revealed in the Partnership for Public Service’s “Best Places to Work in the Federal Government” report, and a dozen points behind the most satisfied mission-critical occupation group of economists. PPS compiles its rankings annually from the Office of Personnel Management’s Federal Employee Viewpoint Survey data and other surveys it does on its own.
“Frankly these jobs are hard,” said Richard Spires, CEO of workforce training company Learning Tree. And because often agency leaders don’t prioritize their IT organizations, Spires said, “you have a dynamic where the morale is hard to keep up because people feel like ‘Wow, we’re doing all we know how to do, we’re constrained in what we can do, and we get beat up all the time because it’s hard to meet the customer’s demands.'”
A former chief information officer with the Department of Homeland Security and the IRS, Spires told FedScoop the results of the rankings didn’t surprise him because during his time as a federal CIO, he saw frustrated IT professionals all the time.
“A lot of times what I found was it was hard to get [IT workers] to stay on with the type of work we could offer and it be very meaningful for them,” he said. “They want to be working on modern technologies, cutting-edge things, new processes, and a lot of times that work just wasn’t there for them” in the legacy-system-saturated federal government.
The disconnect between the work of many IT professionals and the mission of their agency could affect their overall job satisfaction, said Sean Morris, a principal with Deloitte Consulting, which helped produce the rankings.
“The biggest mover at the end of the day is the same for any job type,” Morris said. “And that is how engaged are senior leaders in being able to communicate how what IT professionals do is linked to the mission of an organization. Often, your very senior leaders have a hard time translating down throughout the organization to different classifications.”
That shouldn’t be the case, though, he said, when massive data breaches, like the one announced at the Office of Personnel Management earlier this summer, are devastating agencies.
“If you look at some of the biggest challenges federal agencies have had over the last 12 to 24 months, they’ve actually been in the IT area, and specifically in the cyber area,” Morris said. “That’s just another example of needing to recognize those people that are actually protecting your organization to be able to do what it does or is supposed to do every day.”
Max Stier, president and CEO of the Partnership for Public Service, agreed. “We ought to be worried,” he told FedScoop. “IT is so important to the success of government agencies. It’s mission critical. And in a world in which we have cyberattacks, as well as the opportunity, on the upside, of improving performance through technology, the fact that IT professionals are demonstrating lower scores for satisfaction should be a warning sign for everybody.”
Stier said the top agencies in this year’s ranking — NASA is perennially the top large agency, and the Federal Deposit Insurance Corp. has owned the top spot for mid-size agencies — were successful because of a dedication from leadership to make sure employees are engaged and satisfied.
“What’s the most important quality represented here? A set of leaders who believe leadership really matters and leadership around focusing on employees,” Stier said. “And that’s not true across the board, and it needs to be.”
The rankings, Stier and Morris said, give struggling agencies models for success. Leaders having trouble keeping their IT personnel satisfied can look to the Social Security Administration and the General Service Administration, which ranked the highest in that category for large and mid-size agencies, respectively.
Is there a specific reason they’re more successful?
“The key is that leaders have to be held accountable for this,” Stier said. Leaders must focus on giving employees a positive work experience, he said. “If you don’t have that, almost nothing else matters.”
White House, DOT announce $50M smart transportation challenge for cities
https://www.youtube.com/watch?v=14adE8pVakI
The White House and the Transportation Department are highlighting urban planning for autonomous vehicles and the future of transportation with a new contest, awarding one city $50 million for “bold, data-driven ideas to improve lives.”
The Transportation Department will administer the challenge, and provide the bulk of the prize money, which will be awarded based on how well the city’s vision adheres to the department’s Beyond Traffic 2045 plan, which centers around innovative approaches to urban transportation elements using data, analytics and personal mobile devices enmeshed with automation, connected vehicles and sensor infrastructure.
“This is an opportunity for mayors and city leaders to define what it means to be a smart city when it comes to transportation,” Transportation Secretary Anthony Foxx said in a webcast Tuesday. “Transportation, in some ways, is still in the 20th century when it comes to thinking about technology, innovation and the kind of inputs that mayors think about all the time when it comes to how to integrate transportation and the way of life.”
Cities must submit their “high-level, 30-page ideas” proposal for consideration by Feb. 4. In March, the Transportation Department will award $100,000 each to five finalists to complete final implementation plans. In May, the finalists will submit those plans back to the Transportation Department. The winner will be announced in June.
The department is looking for a “medium-sized city” — with a population between 200,000 and 850,000 people — with a dense urban population and an established public transportation system, according to Mark Dowd, deputy assistant secretary for research and technology at the Transportation Department.
The visions competing cities present also need to accommodate “connected vehicles that can talk to each other” and self-driving, or autonomous, vehicles, as well as partnerships city governments will launch to mobilize and pilot these technologies on their streets, according to the announcement from the department. In their applications, cities will need to list population characteristics, their approach to the Beyond Traffic 2045 vision elements, the data cities currently collect, potential risks, the outside partners the city plans to work with and the city’s measurable smart transportation goals.
“We’re hoping to incentivize you at the local level to work hard,” Foxx said. “Ultimately, we know the best laboratory we have for emerging innovation and technology is where it is most needed, which is in our cities.”
The new contest, details of which were posted Monday, comes alongside the announcement that the Transportation Department will begin a public-private partnership with Vulcan Inc. — Microsoft co-founder Paul Allen’s investment company — which has committed to contribute $10 million to the award to support infrastructure for electric vehicles. The other $40 million will come from the DOT.
In a White House blog post from Jeffrey Zients, the director of the National Economic Council, and John Holdren, the director of the White House’s Office of Science and Technology Policy, the administration said the challenge was an example of how to keep the U.S. “at the forefront of transportation innovation.”
The Smart Cities Challenge announcement comes on the heels of the October release of the Strategy for American Innovation roadmap, designed to encourage technological advancements in the public and private sectors. Earlier in the year, the White House announced $160 million in federal research grants for smart cities projects — the Transportation Department challenge will fall under that proposed $160 million.
IARPA awards IBM grant to further quantum computing research
The Intelligence Advanced Research Projects Activity has awarded a multiyear research grant to IBM, funding research that will lay the groundwork for a universal quantum computer.
IARPA, the research and development office for the nation’s intelligence agencies, issued the grant under its Logical Qubits (LogiQ) program, which seeks to overcome the current limitations of quantum systems by building a logical qubit from other imperfect physical qubits.
Qubits, or quantum bits, is what distinguishes quantum computing from current computing systems. While bits that run on regular computers are stored as a 0 or 1, qubits can be stored as a 0, 1 or both (denoted as “0+1”). The latter is known as a “superposition,” and it’s what allows quantum computers to work exponentially faster.
Earlier this year, IBM uncovered a way to detect and correct errors that are commonplace in quantum computing as well as assembling a new circuit design that would allow quantum computers to be built at a scale never before seen. That work came out of IARPA’s Multi-Qubit Coherent Operations program.
“We are at a turning point where quantum computing is moving beyond theory and experimentation to include engineering and applications,” said Arvind Krishna, senior vice president and director of IBM Research. “Quantum computing promises to deliver exponentially more speed and power not achievable by today’s most powerful computers with the potential to impact business needs on a global scale. Investments and collaboration by government, industry and academia, such as this IARPA program, are necessary to help overcome some of the challenges towards building a universal quantum computer.”
Jerry Chow, a program manager for IBM Research’s Experimental Quantum Computing unit, said the LogiQ program is a “natural progression” of the New York-based company’s work, and could lead to advances in everything from search performance to artificial intelligence to cancer research.
“It’s continuing this idea of increasing the number of qubits, but the next threshold is to reach a point where you could start to employ some of the concepts of error correction to encode a logical qubit of information in faulty and noisy physical qubits,” Chow told FedScoop.
The terms of the grant were not disclosed.
GSA CIO: Agile scrum ‘is not a happy place,’ but it works
Despite the benefits and success stories often tied to agile software development, the reality of moving a team to such a model can be a painful adjustment, according to a group of senior federal IT officials.
“To have a team physically, or in some cases virtually, sort of staring at each other” adds tension when team members don’t perform, EPA CTO Greg Godbout said. “Who didn’t deliver?”
Part of a panel of federal IT leaders speaking about agile development during an Association for Federal Information Resource Management luncheon, Godbout described how the quick-paced “scrum” process — a model in which development teams move rapidly and iteratively, and meet often to assess issues — can be a painful adjustment for federal software developers and others with stakes in a software project, but a healthy one.
“That pressure cooker of not delivering for you teammate always gets the work done,” he said. “And it’s to the core of what makes agile work. It’s easier not to deliver something for a factory model in a room and a group of people you never talk to or rely on. But when you know you’re going to see them every two weeks and hold each other accountable…it works. We all should be working for successful delivery.”
David Shive, chief information officer at the General Services Administration, said his office has been successfully operating an agile scrum process for five to six years now. And like Godbout, he said the adjustment and culture change was a painful one.
“Scrum is not a happy place,” Shive said, likening the term to its rugby namesake, when players physically smash around the ball to take possession. “But the end result is a good thing,” he said, especially when other parts of the business begin joining in and sharing feedback earlier in the development process.
Agriculture Department Deputy CIO Peggy Stroud compared the change to “being shoved in with the holiday family every day,” especially when developers, who are used to working by themselves, are made to work constantly with operations personnel and other stakeholders. The first six months of the learning curve, she said, were the worst.
But all three officials said once their teams became comfortable with agile and the scrum process — or “learned the game,” as Stroud put it — the benefits quickly materialized.
“While it may be painful, this shared pain” is worth it, Shive said. By taking what would traditionally be massive waterfall deliveries and “taking bite-size chunks” out of them, delivering and “getting some wins” in the short term, he said of his agency’s early agile pilots, his team was able to snowball the smaller victories into bigger ones.
“We learned some things, and it was difficult, but in the end…we delivered capability with people, process and technology that was much, much better aligned with the business of GSA,” he said. “Rather than IT delivering a system, there was a shared delivery with shared outcomes” across the business.
Survey: Agencies love the NIST cybersecurity framework
Not only has the National Institute of Standards and Technology’s cybersecurity framework raised the awareness of IT security in boardrooms across the country, it’s become a staple inside the government.
A wide majority of federal IT security employees surveyed by Dell are using the NIST framework in some fashion. Eighty-two percent told the company they are using sections of the framework within their own cybersecurity programs, with 53 percent saying they use the entire guide.
Of those who are using the framework, 74 percent say it’s used as a foundation for their cybersecurity roadmap, helping to improve organizational security.
Paul Christman, vice president of federal for Dell Software, said the framework is “just good policy,” no matter what sector is moving to embrace it.
“It applies to everyone,” he told FedScoop. “It applies to schools, universities, hospitals, [the Defense Department], [the Intelligence Community], and civilian agencies. The document doesn’t say ‘This is how the government should protect the government,’ ‘This is how a bank should protect a bank.’ NIST was really trying to say ‘This wasn’t a government program or mandate;’ it’s just good practice.”
Christman said the lack of a mandate actually helped the document gain popularity with agencies.
“I think when people adopt things voluntarily, there is some ownership and accountability there,” he said. “It’s more like ‘We did this, it wasn’t done to us.’”
He also said it helped contractors get on the same page with agencies as they move to modernize their security systems.
“Everyone is now using the same vocabulary,” he said. “We can actually sit down and we produce marketing materials and say ‘Look, the framework is a given.’ That just accelerates things because we understand what they are talking about.”
That positivity echoes what Intel told FedScoop earlier this year when the company talked about its tests with the framework.
“The nice thing about a framework is it’s very flexible,” Kent Landfield, director of standards and technology policy at Intel Security, told FedScoop. “So we were able to make those changes fit nicely into the evaluation process as a whole, and we were able to then pass it on to the folks who were doing the evaluation.”
Details of the survey can be found below:
Industry questions authorization, open data changes to OMB tech policy memo A-130
The division between the privacy and security approval process for federal IT projects and various rules tied to open data in the revisions to the Office of Management and Budget Circular A-130 have elicited numerous public comments as the extended comment period came to a close last week.
The circular, which governs how the federal government uses its IT assets, is undergoing its first revision since 2000. Released to the public in October, the comment period was extended another two weeks after calls from various groups for more time to parse over the additions.
A number of comments that were posted on the A-130 GitHub page just prior to the closing of the initial comment period and during the two-week extension came from technology companies and policy groups looking to further streamline the process by which agencies can modernize their platforms — and aiming to “future proof” the circular so it is not obsolescent as soon as it’s published.
A good portion of the comments focused on better integration of the Federal Risk and Authorization Management Program, which would codify the government’s push to embrace cloud-based technologies. In a lengthy comment posted in November, Microsoft called for OMB to revise the document “to reaffirm the applicability of FedRAMP.”
“As A-130 itself is being modernized to support the development and use of cutting edge IT and leading information policy approaches associated with its effective management, it would be a stark remission not to integrate the Administration’s ‘cloud first’ policy commitments, achievements and goals embodied through FedRAMP,” the company’s comment reads.
Additionally, a number of commenters asked for further clarification when it comes to a section in Appendix III that creates a parallel authorization authority for privacy issues and gives privacy officers the ability to deny authorizations. FedScoop learned about this provision in June, when sources said they thought this provision would make it harder for agencies to authorize new projects.
Those worries were expressed in numerous comments, coming in from Microsoft, Salesforce and the IT Alliance for the Public Sector, among others. Trey Hodgkins, senior vice president of the public sector for ITAPS, told FedScoop he would like the person in charge of privacy to “co-habitate” with the security folks to streamline the process.
“If you bifurcate the process, you will slow it down and make it disjointed and disconnected,” Hodgkins said.
Comments also called for more clarity around continuous monitoring, asking for benchmarks when it comes to vulnerability risks or how often scans need to be performed in order to be considered “continuous.”
Ralph Kahn, vice president of federal for Tanium, said the document should force agencies to aim for a specific benchmark when it comes to monitoring their systems.
“We need to start asking for more aggressive targets,” Kahn told FedScoop. “When you say things like ‘continuous monitoring,’ that’s a little vague. To some people, ‘continuous’ might be once a day, it might be once every 25 or 30 seconds. We can aspire to much more aggressive targets these days.”
A number of comments also asked for better distinctions around open data. Comments from Socrata, the Center for Data Innovation and the Professional Services all wanted revisions on things like data governance policies and business continuity plans regarding what data stays open in the event of a government shutdown.
Overall, most comments were supportive of the revision, but various groups told FedScoop they wanted to help push the government toward making the document “future-proof.”
“The only way to help the government is to be vocal,” Kahn said. “If someone thinks there is a better way or thinks we can improve on what is the state-of-the-art in the government, than we want to do that.”
DHS will update terror alert system, to lower bar on warnings
The Department of Homeland Security will shortly announce a new terrorism warning system, effectively lowering the bar for alerting Americans about possible terror threats, DHS Secretary Jeh Johnson said Monday.
Speaking in the aftermath of the recent San Bernardino, California, rampage shooting — the first by supporters of the Islamic State in the U.S. — Johnson noted that the two-tier National Terrorism Advisory System, introduced four years ago by his predecessor Janet Napolitano, has never issued an alert, despite several terrorist attacks in the homeland during that time. The NTAS requires “credible, specific” intelligence of an “imminent” threat to warn the country.
“It has this trigger that’s a pretty high bar, which is why we’ve never used it,” Johnson said.
The husband-and-wife mass shooting in California — which killed 14 people, making it the deadliest attack by terrorists in the U.S. since 9/11 — was just the latest in a series by so-called “lone wolf” terrorists, inspired but not directed by foreign extremists. Law enforcement officials say that the absence of communications about their plotting, in particular electronic contact with foreign terrorists abroad, make such attackers very hard to discover
“I believe that in this environment, we need to get beyond that and go to a new system that has an intermediate level to it,” Johnson told a Defense One event in Washington. “And I’ll be announcing soon hopefully what our new system is that I think reflects the current environment and the current realities.”
Amid growing concern earlier this year about the Islamic State’s effort to recruit lone wolves, Johnson announced in October a review of the NTAS, which was itself a replacement for the Bush-era color-coded terror alert system that was scrapped after being discredited by the mockery of TV comedians and more serious allegations that its use had been politicized.
To replace the NTAS, Johnson said, he would unveil a new system that “adequately informs the public at large not through news leaks of joint intelligence bulletins to law enforcement, not through leaks from anonymous government officials, but … that informs the public at large what we are seeing, even if what we are seeing could be self-evident to the public.”
DHS must do a “better job of informing the public about what we are seeing, removing some of the mystery about the global terrorist threat, and what we are doing about it and what we are asking the public to do. So, I’m hoping that I will announce this in full in the coming days,” he concluded.
Contact the reporter on this story at Shaun.Waterman@FedScoop.com. Follow him on Twitter @WatermanReports.
House Homeland Security chairman: ‘No simple answers’ in encryption debate
The U.S. needs to strike a balance between protecting consumer privacy and bolstering the country’s efforts to police terrorists in cyberspace, according to the chairman of the House Committee on Homeland Security.
Speaking Monday at National Defense University in Washington, D.C., Rep. Mike McCaul, R-Texas, said “there are no simple answers” in the debate about law enforcement access to encrypted communications. But he called for the creation of a national commission on security and technology challenges. He said he would propose legislation to create the blue ribbon panel “soon.” The panel “would bring together the technology sector, privacy and civil liberties groups, academics, and the law enforcement community to find common ground,” he said.
“I will not tell you it’s an easy solution,” McCaul added during a question-and-answer session following his speech on the state of homeland security. “But I’ve had very in-depth discussions that I do believe there are alternatives, there are some solutions to this problem.”
Technologists have criticized calls for law-enforcement accessible back doors into encrypted communication products, saying terrorists would simply use non-U.S. products and that the back doors would weaken the security of encrypted communications — vital to e-commerce and citizen privacy.
McCaul appeared to recognize those competing priorities when he denied the discussion was about “privacy vs. security.”
“It’s ‘security vs. security,'” he said. “A legislative knee-jerk reaction could weaken internet protections and privacy for everyday Americans, while doing nothing puts American lives at risk” from undetected terror attacks.
McCaul’s speech comes a day after the president spoke about fighting terrorism in a nationally televised prime time address. In his remarks, President Barack Obama sought to reopen the encryption debate when he called on “high-tech and law enforcement leaders to make it harder for terrorists to use technology to escape from justice.”
At NDU, McCaul condemned the president’s national security strategy, saying a “leadership void has put the United States homeland in the highest threat environment since 9/11.”
At the same time, McCaul lauded the White House’s efforts to help pass legislation that would encourage companies to share information on cyberthreats by giving them legal immunity. This year, House passed two versions of an information-sharing bill and the Senate passed its own version in October. Lawmakers from both chambers currently are negotiating a final bill to send to the president.
Passing the legislation is critical because the threat is severe, he said.
“We are tied more to the Internet than any other nation, and therefore we are most vulnerable to a cyberattack,” he said
As feds’ job satisfaction rises, IT and cyber workers’ lags — ‘Best Places to Work’ report
Federal employees are more satisfied and committed to their work than they have been in nearly five years, according to a new Partnership for Public Service report, but IT and cybersecurity personnel appear to lag behind the bunch.
The data are included in PPS’ latest annual “Best Places to Work in the Federal Government” rankings, and based largely on the Office of Personnel Management’s Federal Employee Viewpoint Survey. While the pack of top agencies to work for has remained largely unchanged from years past, this year’s report shows government as a whole becoming a more attractive employer.
Overall federal employee satisfaction and commitment jumped by 1.2 points in 2015 to 58.1 percent after a four-year skid. The primary factor influencing that, the report says, is effective leadership — particularly senior leadership. While that score remains low — 43.8 percent — it’s a 1.4 point improvement on last year, when it dropped three points. Every year PPS has produced the rankings since its inception in 2003, leadership has ranked as the primary factor influencing employee satisfaction and commitment.
Still, the overall satisfaction and commitment score is well below that of the private sector. Survey research organization Sirota claims the satisfaction rate for private sector employees in 2015 is 76.7 percent.
And the news is worse for federal IT and cybersecurity specialists, who rank the lowest among five mission-critical occupations in government. With a score of 56.2 percent, IT and cyber professionals are nearly two points less satisfied than employees governmentwide. Economists, the repost shows, are the most satisfied at a 68.1 percent rate. This was the first year PPS included a breakdown by job occupations.
But the rankings are an opportunity for improvement, giving federal leaders an additional set of data to improve the workforce, PPS President and CEO Max Stier said in a statement.
“The employee voice is one of the most powerful tools that federal leaders have to understand their organizations,” Stier said. “The Best Places to Work in the Federal Government data can be used to increase employee commitment and improve performance as agencies strive to better serve the American public.”
And it appears things are looking brighter than they have in recent years. In 2015, governmentwide data showed increased employee satisfaction in all 10 workplace categories PPS takes into account, including the already-mentioned leadership, as well as innovation, support for diversity, work-life balance and pay. Last year, seven of the 10 scores dropped. Likewise, more than 70 percent of individual agencies saw satisfaction increases, compared to 43.1 percent last year, and 24 percent the year before that.
As for the top-ranked agencies to work for in 2015, based on size, the results look very similar to last year’s. Again, NASA ranked first for large agencies, and the Federal Deposit Insurance Corporation snagged the top spot for medium-sized agencies, now for the fifth year in a row. The Federal Mediation and Conciliation Services jumped from the second spot in last year’s ranking of small agencies to the top this year, and the Tennessee Valley Authority’s Office of the Inspector General was the top-ranked agency subcomponent in 2015 after not placing in the top 10 in last year’s report.
Here are the top 5 agencies from each category:
Large federal agencies (15,000 or more employees):
1. National Aeronautics and Space Administration
2. Intelligence Community
3. Department of Justice (tie)
3. Department of State (tie)
5. Department of Commerce
Mid-size federal agencies (1,000 to 14,999 employees):
1. Federal Deposit Insurance Corporation
2. Peace Corps
3. Government Accountability Office
4. Federal Trade Commission
5. Federal Energy Regulatory Commission
Small federal agencies(100 to 999 employees):
1. Federal Mediation and Conciliation Service
2. Overseas Private Investment Corporation
3. Federal Labor Relations Authority
4. National Endowment for the Humanities
5. Surface Transportation Board
Agency subcomponents:
1. Office of the Inspector General (Tennessee Valley Authority)
2. Office of the General Counsel (Federal Energy Regulatory Commission)
3. U.S. Army Audit Agency (Army)
4. Environment and Natural Resources Division (Justice)
5. Office of Budget, Finance, and Award Management (National Science Foundation)