nextgov

The Hillary Clinton e-mail saga continues. On Sept 23, the House Oversight and Government Reform committee voted 19-15 to hold Bryan Pagliano, formerly a tech aide for Clinton while she served as Secretary of State, for failing to testify about Clinton’s private e-mail server that he maintained. “Mr. Pagliano is a crucial fact witness in this committee’s investigation of former Secretary of State Hillary Clinton’s use of a private e-mail server to conduct government business,” said Oversight Chairman Jason Chaffetz (R-UT).

Pagliano, through his attorney, previously warned that were he to testify publicly, he would simply invoke his Fifth Amendment rights. Nonetheless, the resolution passed along party lines. “Mr. Pagliano’s attorney asserts because his client took the Fifth before the Select Committee on Benghazi, he shouldn’t be required to provide testimony to this committee. This is not a good faith argument,” Chairman Chaffetz said. Ranking Member Elijah Cummings (D-MD) accused Republican counterparts of seeking a “photo op” and “ready-made campaign commercial.” “No matter what anyone says, that is not a legitimate legislation purpose,” Ranking Member Cummings said.

One week after Rep Will Hurd (R-TX) introduced new IT legislation to the House of Representatives, designed to thrust government into 21st-century technologies, the Modernizing Government Technology Act passed on a voice vote. “Many parts of the federal government’s IT infrastructure are stuck in the Stone Age,” said Rep Hurd, who chairs the House IT Subcommittee. “The MGT Act will save taxpayer dollars, increase government accountability, and help government be more efficient in serving the American people.”

The MGT Act is essentially a combination of two prior pieces of legislation, taking portions of its language from the MOVE IT Act Hurd introduced earlier this summer and the White House-backed IT Modernization Fund introduced by Rep Steny Hoyer (D-MD) in the spring. The bill calls for the creation of working IT capital funds in CFO Act agencies, allowing agencies to bank savings from modernization efforts afoot. As a whole, government spends approximately 80 percent of its $90 billion IT budget on legacy systems. Agencies that are able to show savings from modernization efforts would be rewarded under this bill, allowing them to use savings to fund other modernization efforts, such as moving to the cloud.

[Commentary] The adage “good help is hard to find” is especially true for Information Technology (IT) talent in the federal government. The White House recently announced its Federal Cybersecurity Workforce Strategy, which includes a goal of hiring an additional 3,500 cybersecurity and IT specialists by January 2017. The use of existing flexibilities in the government’s system of hiring, training and nurturing talent could enable the government to meet that goal and improve performance today. But many senior IT and human resources managers do not know how to use the system well enough to make this happen. And further, in some areas, the system is so badly broken it is impossible to make progress without substantive reform. The next president should take a pragmatic path to hire more and better IT talent through existing hiring laws, while also enacting a targeted reform program to deliver even better mission results.

[W. Scott Gould is a senior adviser at Boston Consulting Group and former deputy secretary of the Veterans Affairs Department. Jeffrey Neal is a senior vice president at ICF International, former chief human capital officer for the Homeland Security Department, and publisher of the blog ChiefHRO.com.]

Government agencies spend less of their total budget on making operations mobile than commercial groups do, according to new research from IDC. Public-sector spending is about 17 percent of its budget, compared to about 25 percent of private-sector counterparts, according to an as-yet unpublished survey from IDC.

Analyst John Jackson described some of the findings at an AT&T event Sept 7 in Washington. Concerns about the security of apps and the data stored in those apps have been the primary barrier to adoption, Jackson explained. And for at least the past three years, concerns about integrating back-end systems into a mobile strategy have been the second largest barrier to adoption. Jackson predicted public- and private-sector organizations will soon spend more on software services, but spending on software itself is not likely to move much, he said.

So, who governs the Internet of things? Who ensures connected and self-driving cars don’t put their passengers in danger, that security cameras don’t relay video feeds of their users to third parties, or that data collected from billions of consumer devices can be used without compromising personal information? For now, it’s still not clear. Today, several agencies, including the Food and Drug Administration, the Federal Communications Commission, the Federal Trade Commission and the National Highway Traffic Security Administration have authority over some aspects of the Internet of things.

Experts say the regulatory framework isn’t well defined and that agencies will likely need to work together as cases arise that expose the potential downsides of widespread connectivity. As more IoT-related cases begin to test the regulatory framework, “the main thing that connects them is they’re going to have internet connectivity of some sort,” said Lee Tien, senior staff attorney at the Electronic Frontier Foundation. “Regulating a Fitbit is very different from regulating an automobile or regulating an implantable medical device like a defibrillator.” Here’s a look at some of the discussions federal groups are having about regulating the Internet of things.

[Commentary] A key function of government is to address citizen constituent needs. Fulfilling those needs requires implementing innovative and cost-effective services through the public sector’s digital transformation. The goal of citizen service is to provide faster, flexible and more responsive performance in critical mission programs. Partnering with the private sector has proven to be a good channel for innovation and helps deliver best commercial practices for agencies. This collaboration allows for fiscal accountability and provides a vehicle for efficient and fruitful programs.

In any vertical—health care, national security, transportation or education—a starting point for innovation can be in public/private partnering for citizen services. In commercial markets, the pressure is to win, maintain and expand market share while delighting customers with excellent customer service. This same level of pressure is on governments today with the goals of excellent response and effective resolution of any issue.

[Teresa A. Weipert is senior vice president of Sutherland Government Solutions.]

Agency chief information officers will need to get a better handle on their software license inventories and prepare to show savings to the Office of Management and Budget under a new law. Signed into law July 29, the Making Electronic Government Accountable By Yielding Tangible Efficiencies, or MEGABYTE, Act requires executive agency CIOs to develop a comprehensive software licensing policy in order to track spending on software, identify unused licenses and avoid duplication.

“There is considerable waste in software license expenditures, and implementation of the MEGABYTE Act will rectify this to the benefit of American taxpayers,” said Rep Matt Cartwright (D-PA) who sponsored the bill. The MEGABYTE Act requires CIOs to inventory 80 percent of software license spending and enterprise licenses, regularly track and maintain licenses, and embrace metrics such as software usage data to make cost-effective decisions. The act also requires CIOs to report financial savings or cost avoidance that results from software license management.

Collecting public comment on federal rules might get a little easier. An Environmental Protection Agency pilot lets citizens comment on specific paragraphs of proposed rules instead of submitting them via e-mail or in a separate text box. It might seem like a minor feature that should have existed before, but EPA is among the first to test drive it, according to a blog post from General Services Administration tech consultancy, 18F.

Since 2015, 18F and the Consumer Financial Protection Bureau have been gradually adding new features to the eRegulations system, an open source platform that hosts proposals online. EPA is trying out the comment feature on a rule that would lay out fees for groups using the agency's hazardous waste tracking system; interested parties can choose to comment on specific sections, such as the rule's "scope" or "preamble."

[Commentary] Power grids have proven to be vulnerable to cyber terrorists. Hackers interrupted a regional power supply abroad (in the Ukraine), and white hat hackers in the Midwest recently demonstrated there’s nothing special about our own grid that would protect our systems from the eventuality of a similar – and potentially much more damaging – fate. Those of us who make our bread and butter in the world of cyber defense have long warned of the possibility of cyberattacks that could threaten our critical infrastructure, our economy and our very way of life by extension.

In July, new legislation was introduced in the Senate to protect our electrical infrastructure from cyberattack. The Securing Energy Infrastructure Act proposes taking our industrial control systems offline in an effort to isolate them from insidious threats that can lurk in our always-on and always-connected networks. While this approach might be a bit unconventionally retro in nature, it is heartening to see members of Congress working with industry to think about new (and old) ways to address a very real and difficult challenge. But further thinking and action are needed on a global scale. By working with our allies and industrial partners across the globe to ensure information sharing about cyberthreats and attacks, we can do much to further secure our collective online existence. The consequences of oversleeping are far too great to consider ignoring the alarm for an extra nine minutes of peace.

[Jack Harrington is vice president of cybersecurity and special missions at Raytheon]

A global lack of cybersecurity talent could make nations more vulnerable to cyberattack, and governments aren't doing enough to fill that gap, a new report finds. About 33 percent of respondents to a recent survey — spanning eight nations — said a cyber skills shortage does “direct and measurable damage” to their organizations, according to a joint report compiled by Intel Security and Washington think tank the Center for Strategic and International Studies.

The majority, 76 percent, said they didn’t think their governments were doing enough to recruit a better workforce. The survey tapped hundreds of executives in various countries including the United States, the United Kingdom, France, Germany, Australia, Japan, Mexico and Israel. The scarcest skills overall were “intrusion detection, secure software development, and attack mitigation,” the report found. About 71 percent of respondents said that skills shortage makes them “more desirable hacking targets." The US cyber shortage appears to be less dire than that of Australia or Mexico. In those countries, almost 90 percent of respondents said there was a skills gap, compared to a little more than 80 percent of US respondents. Only about 70 percent of United Kingdom respondents reported a shortage.