Watch the entire discussion here. If you’ve spent any time in federal tech circles lately, you’ve probably heard the phrase “AI is a journey, not a product.” It’s catchy but it’s also true, and it came up more than once during a recent panel I moderated with three seasoned enterprise architects: Kurt Steege from Thundercat, Landon Shaw from the U.S. Courts, and Erik Erichsen from Pacific Northwest National Laboratory. We gathered to talk about what it really takes to deploy AI tools that can modernize how agencies operate. We wanted to get beyond the glossy sales pitch to the gritty reality where legacy systems, power-hungry data centers and workforce gaps collide with the promise of smarter, faster, more secure government operations. The infrastructure we’ve got vs. the infrastructure we need Kurt Steege, Thundercat’s CTO, didn’t mince words when it came to the age and fragility of federal infrastructure. “Much of the critical infrastructure that’s out there is quite old,” he said. “You don’t have the ability to build something up completely in parallel, because many of these things are running important tasks… This sort of technical debt spiral, where you’ve got all of this stuff that’s been out there, in some cases still running mainframes, becomes quite difficult to fund and transfer over.” That’s both a funding issue and a risk management problem. Agencies can’t afford additional downtime incurred with a system replacement, but they also can’t afford to keep patching systems that were never built for today’s threats or workloads. And as Kurt pointed out, agencies can’t skip over the physical layer of modernization that includes data centers, power grids and cooling systems.  Those are literally and figuratively foundational to any successful AI deployment. The speed of AI vs. the pace of government Landon Shaw brought a unique perspective from the judicial branch. He’s worked in both defense contracting and government, and he’s seen firsthand how slow the funding cycle can be. “Even if I wanted to get a project funded now, it would be too late for me to do it the rest of this year and probably next year,” he said. “I would have to put it in next year and it would be the following year.” That’s a problem when AI models are evolving weekly. Landon’s advice is to stop chasing the perfect model. Instead, focus on organizing your data, especially historical and archived datasets, into vector databases that can be queried by whatever model is best at the moment. “The industry is moving so quickly that that trained model you spent millions of dollars on last year has been obsolete for six months now,” he said. It’s also a sobering reminder that those leading these projects have to keep an agile mindset and stay flexible as the technology races forward. The workforce we have vs. the workforce we need Erik Erichsen brought the conversation back to people. Technology is only as good as the teams deploying and maintaining it, and Erik’s an expert at leading transformation efforts across both public and private sectors. “We’ve stood up what’s called the Center for AI within PNNL,” he said. “It brings together experts across the organization and gives people a sandbox to experiment with models, agents and tools. It’s about removing fear and building confidence.” That kind of internal capacity-building is critical, especially when so much federal IT work is outsourced to contractors. As Landon pointed out, formal AI certifications or degrees don’t necessarily guarantee expertise in a field that is changing moment by moment. Agencies need to invest in upskilling their current workforce while also rethinking how they evaluate and onboard new talent. Kurt added a generational knowledge transfer layer to that challenge. “Getting that information down from folks who are retiring and loading it into databases or LLMs so it can continually be worked on,” he said, is one way to preserve institutional memory while preparing for the future. The path forward If there’s one thing all three panelists agreed on, it’s that modernization isn’t a one-size-fits-all process. Agencies are at different maturity levels.  They face different constraints and move at different speeds. But the core principles of planning deliberately, investing in infrastructure, organizing your data and supporting your people apply across the board. We’re all on this journey together. Erik emphasized the value of sharing lessons learned, even when things don’t go as planned. And with the right mix of strategy and cross-functional teamwork, federal agencies can build AI infrastructure that’s secure and resilient so that they’re ready for what comes next.The post Getting real about AI strategy and deployment first appeared on Federal News Network.

  The Pentagon is making the reinstatement process smoother for service members who were booted from the military over the COVID vaccine. In a new memo, the under secretary of defense for personnel and readiness said applicants seeking reinstatement now receive special-category VIP treatment. That includes notifying commanders in advance of their arrival, getting priority processing at Military Entrance Processing Stations and an assigned escort to expedite their screening. In addition, the department will proactively review personnel records and discharge characterizations for service members involuntarily separated solely due to COVID-19 vaccine refusal.(COVID vaccine refusers returning to service will receive ‘VIP treatment’ - Department of Defense)The Office of Personnel Management ended up with a budget surplus when fiscal 2025 ended. When OPM closed its financial books on 2025, it found it hadn't spent about $38 million. Scott Kupor, the OPM director, asked employees for ideas for how best to use the unspent funding to drive change. Kupor says about $26 million are going for specific programs. He says $12 million is going into the technology modernization working capital fund for projects like modernizing federal retirement services and for deploying AI to improve operational efficiency. Another $6.5 million is going toward the merit hiring program to rewrite the classification and qualification standards for over 600 federal job descriptions. And finally, $11 million went back to the Treasury to help pay down the debt. (OPM using 2025 budget surplus for IT, merit systems hiring projects - Office of Personnel Management)The Environmental Protection Agency has begun sending furlough notices to its employees, after keeping them on the job for the first nine days of the government shutdown. The agency, up until this point, tapped into carryover funds to keep nearly all of its employees working. Only about 11% of EPA’s 15,000 employees would continue working during a government shutdown according to its contingency plan. Other agencies, including the IRS, have also furloughed staff as the shutdown drags on.(EPA furloughs employees, after using carryover funds to keep them working - Federal News Network)Another year of big premium increases in federal health insurance is on the way. Participants in the Federal Employees Health Benefits (FEHB) program will pay about 12% more toward their insurance premiums starting in January 2026. The insurance program for Postal Service workers is also set for a large premium increase of about 11% next year. The Office of Personnel Management’s announcement comes about a month ahead of this year’s Open Season, which begins Nov. 10. The anticipated cost increase also comes as federal employees face financial uncertainty, with the possibility of missing paychecks under the current shutdown.(Federal health insurance premiums to see another large spike in 2026 - Federal News Network)A Senate panel has approved two of President Trump’s picks for the National Labor Relations Board. The 12-11 vote, along party lines, advances the nominations of James Murphy as a board member, and Crystal Carey as the board’s general counsel. A nomination for a second NLRB member, however, was not considered, which could delay the board from restoring a quorum. Murphy’s nomination as a board member comes after Trump fired member Gwynne Wilcox earlier this year. After Thursday’s committee votes, the two new nominees are a significant step closer to confirmation.(Senate Committee on Health, Education, Labor and Pensions - Nomination hearing for National Labor Relations Board)The IRS is walking back guidance it recently sent to furloughed employees that assured them they are going to be paid after the shutdown ends. The agency is deferring to the Office of Management and Budget, which floated the possibility that furloughed federal employees would not be guaranteed back pay. An IRS employee told Federal News Network that earlier guidance emailed to employees was automatically deleted from their inboxes by Thursday. Legislation that President Trump signed in January 2019, which ended a record 35-day government shutdown, created that guarantee for back pay.(IRS backtracks on back pay guarantee for furloughed employees - Federal News Network)The Defense Department’s office of inspector general says it couldn’t fully assess the Pentagon’s progress on its 5G implementation plan. The inspector general found that the department’s research and engineering office left out key elements from its implementation plan, such as timelines and milestones, roles and responsibilities and metrics for evaluating progress. The IG recommended that the Defense Department’s chief information officer and research and engineering office establish or update existing procedures to ensure that implementation plans are developed using industry-based practices. The department released its 5G strategy and implementation plan in 2020.(DoD IG says Pentagon’s 5G plan lacks timelines, metrics - Department of Defense IG)Vendors and agencies will have to wait until well into 2026 to use the next version of the popular Solutions for Enterprise-Wide Procurement (SEWP) governmentwide acquisition contract. The program office at NASA that runs SEWP extended the fifth version of the contract through April 2026. Meanwhile, the program office continues to review proposals for the SEWP 6 contract. NASA says the SEWP 6 contract will begin the day after SEWP 5 ends, dates for both of which have not been finalized. The SEWP PMO also says it is funded through fees, so it will stay open during the partial government shutdown.(NASA extends SEWP V contract through April - NASA SEWP)The post Pentagon offers ‘VIP treatment’ for service members released over COVID vaccine first appeared on Federal News Network.

WASHINGTON (AP) — Mike Johnson is the speaker of a House that is no longer in session. The Republican leader sent lawmakers home three weeks ago after the House approved a bill to fund the federal government. They haven’t been back in working session since. And on Friday, his leadership team announced they won’t be returning next week either. In the intervening time, the government has shut down. President Donald Trump began a mass firing of federal workers. And a Democrat, Adelita Grijalva, won a special election in Arizona but has not been sworn into office to take her seat in Congress. “People are upset. I’m upset. I’m a very patient man, but I am angry right now,” Johnson said during one of his almost daily press conferences on the empty side of the Capitol. “I’m doing our job. We passed the bill,” he said Friday, as he left the building. “It’s on the Senate. They’re the ones playing games. All the questions need to be for them.” To stay or go, no easy choices ahead The House’s absence is creating a risky political dilemma for Johnson. It’s testing his leadership, his grip on the gavel and the legacy he will leave as speaker of a House that is essentially writing itself off the page at a crucial moment in the national debate. There are few easy choices on the schedule ahead. If the speaker calls lawmakers back to Washington, he opens the doors to a potentially chaotic atmosphere of anger, uncertainty and his own GOP defections and divisions as the shutdown drags on. But by keeping the representatives away going on a fourth week, lawmakers risk being criticized for being absent during a crisis — “on vacation,” as House Democratic Leader Hakeem Jeffries puts it — as the military goes without pay and government services shut down. Johnson’s initial strategy to avoid the government shutdown was a well-worn one — have the House pass its bill, leave town right before the deadline and force the Senate to accept it. Jamming the other chamber, as it’s often called. And it often works. But this time, it’s a strategy that is failing. As House skips town, blame falls to Senate GOP senators have been unable to heave the House bill to passage, blocked by most of the Democrats, who are refusing to reopen the government as they demand health care funds for insurance subsidies that will expire at year’s end if Congress fails to act. Senate Majority Leader John Thune, R-S.D., has been trying, repeatedly, to peel off more Democratic support. But after having called a vote more than a half-dozen times to pass the House’s bill out of the Senate, not enough Democrats have signed on. Senate Democratic Leader Chuck Schumer is holding out for a deal on the health care issue. Stalemated, quiet talks are underway, as small groups of lawmakers are privately trying to negotiate off-ramps. Republican Sen. Lisa Murkowski of Alaska has proposed keeping the health care subsidies in place for the next two years while instituting changes to the program. Sen. Mike Rounds, R-S.D., has a similar proposal, and GOP Sen. Susan Collins of Maine has shared with leadership her own six-point plan. “We’re making progress,” said Sen. Markwayne Mullin, R-Okla., who is close to the Republican president. “I think we’re kind of starting to get to a place.” Empty halls and viral moments Not since then-Speaker Nancy Pelosi, a Democrat, sent lawmakers home at the start of the coronavirus pandemic in 2020 has the House been without its lawmakers for such an extended period of time outside of an August recess — but even then, leaders quickly stood up a new system of proxy voting as legislative business continued. In the Capitol’s empty halls, a few lawmakers linger. They have been filming social media posts as they narrate the inaction. They have created viral moments, including GOP Rep. Mike Lawler’s confrontation with Jeffries. Some are simply giving tours to visiting constituents. GOP Rep. Marjorie Taylor Greene of Georgia has been among the most outspoken critics of her party’s stance, saying Congress needs to address the health care subsidies. And Grijalva is just trying to go to work. The representative-elect won the special election to replace her father, veteran Rep. Raul Grijalva, who died earlier this year after his own career in Congress. Her arrival would shrink Johnson’s already slim majority to paper thin, and she has said she would sign onto the legislation demanding the release of the files pertaining to the sex trafficking investigation into Jeffrey Epstein, providing the last signature needed to force a vote. Democrats have clamored for the release of the Epstein files, looking to force Republicans to either join their push for disclosure or publicly oppose a cause many in the Republican base support. Johnson, whose majority is among the most narrow in modern times, has refused to swear Grijalva into office. House’s newest member waits and waits The speaker has given shifting reasons for why he won’t allow Grijalva to take her seat, saying he’d do it whenever she wanted but also saying the shutdown needs to end first. He said it has nothing to do with the Epstein files. As questions mounted over the House’s next steps, so did the speaker’s exasperation. “The reason the House isn’t here in regular session is because they turned the lights off,” he said during Thursday’s press conference. “I’m trying to muster every ounce of Christian charity that I can, but this is outrageous.” He declined to say if or when the House would be called back to session. “We’ll keep you posted,” he said. “And let’s pray this ends soon.” ___ Follow the AP’s coverage of House Speaker Mike Johnson at https://apnews.com/hub/mike-johnson/.The post Speaker Johnson keeps House lawmakers away, canceling another week’s session as shutdown drags first appeared on Federal News Network.

After a month-long amendment impasse, the Senate approved its fiscal 2026 defense policy bill, clearing the way for the House and Senate Armed Services Committees to negotiate a compromise bill. The Senate passed the bill in a 77–20 vote late Thursday after senators agreed to vote on 17 standalone amendments, while another 48 less controversial measures were bundled into a manager’s package and adopted by voice vote. The legislation passed despite the government shutdown that has stalled most of Congress’s agenda.  During a marathon voting session on amendments on Thursday, Republicans toppled Sen. Jeff Merkley’s (D-Ore.) proposal to require federal law enforcement officers and service members engaged in crowd control to display clearly visible identification information, such as their service branch and last name.  The Senate also rejected Sen. Tammy Duckworth’s (D-Ill.) proposal to limit military assistance to civilian law enforcement. It would have required the President to notify and submit justification to Congress for the support, and capped support at 30 days unless Congress approved an extension by joint resolution. Sen. Chris Van Hollen’s (D-Md.) amendment that would have barred the President or defense secretary from deploying National Guard units without the consent of the governor or the D.C. mayor was also voted down.  Sen. Bernie Sanders’s (I-Vt.) proposal to fund universal dental care for veterans also failed. The amendment sought to redirect 10% of the Defense Department’s discretionary budget — except for troop pay and the Defense Health Program — to the Department of Veterans Affairs to expand treatment rooms and equipment and hire additional dentists and clinicians to provide dental care to all eligible veterans. Sen. John Curtis’ (R–Utah) amendment to modernize a pay comparability system was rejected as well. Meanwhile, the Senate adopted Sen. John Cornyn’s (R-Texas) amendment to restrict U.S. investments that could bolster China’s technologies, such as semiconductors, AI, quantum, hypersonics and supercomputing.  Sen. Jerry Moran’s (R-Kan.) proposal to make it easier for veterans to receive care at nearby military hospitals and clinics was also approved by a voice vote. The Senate did vote to adopt a bipartisan amendment by Sen. Tim Kaine (D-Va.) and Sen. Todd Young (R-Ind.) that repeals authorizations for the use of military force against Iraq.  An amendment introduced by Senate Majority Leader Chuck Schumer (D-N.Y.) and Sen. Richard Blumenthal (D-Conn.) that sought to prohibit spending on procuring or modifying foreign aircraft that would carry the president also failed. The proposal was the lawmaker’s attempt to block Trump from using a 747 donated by the Qatari government. As the annual bill heads to conference, acquisition reform will be the top legislative priority for both the House and Senate armed services committees. Both versions propose sweeping changes to how the Pentagon does business, but their differing approaches mean the most significant work is still ahead as negotiators reconcile the two. The lawmakers will also have to reconcile the difference in toplines; while the House adhered to the Pentagon’s fiscal 2026 budget request, the Senate added $32 billion above the White House request.The post Senate passes its version of 2026 NDAA amid government shutdown first appeared on Federal News Network.

The Trump administration is moving ahead with more mass firings of federal employees, something it has threatened to do since the start of the government shutdown. Reductions in force are not typical during a government shutdown. During most shutdowns, employees are either working — with or without being paid immediately — or are furloughed, meaning they are not working during the funding lapse. All federal employees typically receive back pay as soon as a shutdown ends, but the Office of Management and Budget has circulated a memo that back pay is not guaranteed for furloughed feds. Office of Management and Budget Director Russ Vought posted on X Friday that “RIFs have begun.” An OMB spokesperson said in a statement that “RIFs have begun and are substantial,” but did not provide additional details. White House Press Secretary Karoline Leavitt said last week that layoffs “likely in the thousands” were being planned by OMB. Just before the shutdown, OMB told agencies to draw up plans for additional RIFs for programs that wouldn’t have alternative funding sources during a lapse in congressional appropriations, and that “are not consistent with the president’s priorities.” This is a developing story and will be updated.The post OMB says ‘substantial’ federal employee layoffs have begun first appeared on Federal News Network.

Interview transcript: Terry Gerton We’re having this conversation in the middle of a government shutdown. What has Armed Forces Mutual seen in the past? You’ve dealt with folks who’ve been through this and needed to call on you. What has the experience been? Mike Meese We have, and it’s interesting to note that there have been 22 government shutdowns since 1976. I experienced some of those here at Armed Forces Mutual; also those that I experienced while I was on active duty in the Army, where you weren’t sure about getting paid and how all that was going to work out. It’s kind of important to note that this is going to be one of the longer shutdowns. Only four of them lasted more than 15 days. And it appears that this will probably go to that period whereby a week from Wednesday, on the 15th, is when at least the military won’t get their mid-month pay. And two of the shutdowns stopped after 17 days, which is usually what happens when somebody doesn’t get their mid-month pay, that puts a lot more pressure on political leaders to make a resolution. Terry Gerton There’s certainly a lot of uncertainty around this particular shutdown. People don’t know their status, people don’t the rules. But what is the key advice that you would give to folks who are in the midst of this, and kind of not knowing how this is all going to play out? Mike Meese Yeah, I think it’s important to think of three things. The first is to — this is why you should have an emergency fund and be prepared for any kind of emergencies, to include a government shutdown. Now, if you’re in this situation and you don’t have an emergency fund, the second thing is, be sure to assess your bills, your priorities, and communicate with all of those people that you may owe money to. And there are all kinds of opportunities. Many banks and credit unions are providing zero-interest loans if you’ve already had a direct deposit set up there. For those in the military, the relief societies like Army Emergency Relief, Navy-Marine Corps Relief Society are stepping in. Even the military post exchanges, they have what’s known as the STAR Card. They’re allowing any service member that uses the STAR Card at military commissaries to have a zero-interest loan on any expenditures in the commissary for three months. So there shouldn’t be any reason why a military person that’s around a commissary can’t get the food that they need. And of course, if you need to reach out to food banks and others to be able to make sure that your families are not food insecure. Terry Gerton Mike, one of the things that is different about this is the rise of AI since the last shutdown. And when people are in a sense of financial emergency, they may be more vulnerable to scammers. Can you talk about what folks are seeing? Mike Meese Yeah, we do see a lot more people providing, here’s a great way to make money very quickly or here’s a great way to get a loan. It’s kind of a sophisticated version of the payday loan sharks that would be located outside of military bases. You need to be very, very skeptical of anything like that, because you can be vulnerable in this kind of a circumstance. If it sounds too good to be true, it probably is. You need to work with the credible credit union organizations like Armed Forces Mutual or relief societies that you know are trustworthy. Terry Gerton Well, you mentioned payday lenders. Beyond that, what advice do you have for people for services not to take advantage of or to avoid? Mike Meese Well, again, you want to make sure that you’re first prioritizing what you’re spending your funds on, and not to just respond to the first thing that comes into your email because that seems like the most important demand. Prioritizing food, shelter, paying your rent and those kinds of things, or talking to the people that you owe the money to. That way, you don’t get taken by somebody who puts demands on your money, and that really is not the best way to spend it. Terry Gerton I’m speaking with Mike Meese. He’s the president of Armed Forces Mutual. Well, that getting repaid is a topic of interest today. The White House is floating a memo that says, maybe that 2019 rule that guarantees back pay for furloughed workers doesn’t mean what you all think it means. Have you had a chance to take a look at that? Mike Meese Yeah, I have, and first disclaimer that I’m not a lawyer and it’ll be up to lawyers and potentially courts to sort this out. But it seemed to me that it’s very likely that the payment will take place for at least five reasons. The first is the law. When you look at the plain reading of the law, it appears to intend to pay workers. The second is precedence. It’s only been used once, and that was back in 2019. And in fact, furloughed workers were paid. The third is the guidance. The Office of Personnel Management, OPM, actually published a 30-plus page-long booklet just last month. And if you go to page nine of that book, in the answer to one of the questions, the guidance from OPM says that furloughs workers will be paid, citing that 2019 law. The fourth thing is, Congress, when they finally pass something that is approved by the President, will likely include a provision, like they did in 2019, that says furloughed workers will be paid. And the fifth reason is, you already see, I think, over 100 representatives from both sides of the aisle signing up for the Pay Our Troops Act, sponsored by Rep. Jen Kiggans. And with that much bipartisan support for at least paying troops as well as DoD individuals, it’s likely that Congress would support that. Terry Gerton Well, that is helpful reasoning, and it may be a little bit of a bright spot. While folks are in the midst of this shutdown and really thinking about their emergency spending, it’s also kind of a good time to do that personal financial audit, right? How should people be walking through sort of their broad financial readiness for something like this? Mike Meese Well, if they have not done so already, it’s important to look comprehensively at your budget, how much you’re spending, how much your spouse is spending, where the sources of income are and where the source of expenditure are. So that you can really identify what is absolutely essential and what are nice-to-have kinds of things. And then by prioritizing that, you can have a good path going forward, establishing an emergency fund so that you know where you can get funds if you need to. And potentially taking advantage of opportunities now to move those into higher-interest savings accounts. Now with the interest rates still being up, there are lots of good places to save those funds. Terry Gerton So what advice do you have to wrap it up for folks who are sitting in all of this uncertainty, maybe struggling with that positive attitude that we just talked about a minute ago? Mike Meese Well, again, it’s important to focus on what you can control, which is yourself, your family, the kinds of things that you do within your community and working with those individuals and not passing that stress on to a lot of others. The things in Washington, they work themselves out. The longest shutdown was 35 days, and that was only a partial government shutdown. As they say, this too shall pass. It’s difficult during this timeframe, but we always see a light at the end of the tunnel, and I think everybody can take hope in that going forward.The post What past shutdowns can teach feds and veterans about navigating the one we’re in now first appeared on Federal News Network.

The civil service comprises the permanent, professional workforce that carries out the day-to-day operations of government agencies, regardless of which political party holds power. Civil servants are hired based on qualifications, skills and merit, not political connections or loyalty to a particular party or President. Unlike political appointees who serve at the pleasure of the President, civil servants have job protections. They can only be dismissed for legitimate reasons like poor performance or misconduct, not because a new administration wants to replace them with political allies. When I was little, growing up on the outskirts of Washington, D.C., my father impressed upon me the importance of choosing a career in civil service. He taught me to view it as an opportunity to make a difference in our communities and society — work that aligned with our values of contributing to the common good. A civil service position was one of prestige and respect. It is with pride that I have dedicated a significant portion of my career to working within the federal government. You have weaponized mass firings as a tool to exert political pressure, particularly during government shutdowns. You have stated that agencies and programs favored by Democrats would be specifically targeted. Just as the federal workforce serves Presidents of both parties equally and without distinction, you are tasked with leading all Americans — not just those who voted for you. The Founding Fathers deliberately designed the presidency through the Constitution to be intentionally limited yet energetic enough to govern effectively. Deeply concerned about both tyranny and weakness, they expected Congress to dominate domestic policy, with the President having more latitude in foreign affairs. They created three distinct branches of government to prevent the concentration of power, safeguard against tyranny, and protect individual liberty. The Founders defined the legislative branch in Article I of the Constitution — making it the first and most extensively detailed branch for a reason. They saw it as the most powerful and closest to the people. Mr. President, you were elected primarily to execute laws, not legislate them. Government shutdowns are dysfunctional and illegitimate as a governing strategy. They are expensive, disruptive and deeply unpopular. Other countries with similar systems have mechanisms to prevent this crisis: If a budget doesn’t pass, the government either falls or operates on continuing resolutions. It is your responsibility to meet with leaders of both parties and negotiate their differences. If you want to lead this country, then lead — with intelligence, compassion and respect for what is best for all Americans. You are perverting the rule of law by weaponizing government shutdowns as tools for revenge. It is cruel and inappropriate to threaten dedicated civil servants with mass firings to force leaders to bend to your will. You must allow us to return to our jobs serving the American people. Stop wielding a political hatchet over our heads and let us continue putting all Americans first, regardless of party affiliation. I hope you can do the same. – A federal employeeThe post An open letter to the President first appeared on Federal News Network.

Interview transcript:  Terry Gerton Mr. Hogue, let me go to you first. The AbilityOne Commission really oversees a huge network of nonprofit agencies through federal contracts. Tell us how the commission works with agencies, especially like DoD and GSA, to make sure that your contracts align with both the government’s and AbilityOne’s mission goals and procurement standards. Robert Hogue Well, thanks for the question. First, let me say how AbilityOne works really is through a unique public-private partnership arrangement. What happens is we look across government, establish what the requirements are for certain kinds of products and services, and then we begin to work essentially through our central nonprofit agencies and nonprofit agencies out there in our network to identify whether or not we are aware of service providers or manufacturers who can provide those required services or products within our network. If we can, and if we can get them at a reasonable price, then the commission effectively will look at all the information regarding the product and the cost, et cetera, and its impact on the nonprofit agencies and whether or not it will result in employment for individuals who have disabilities, and then moves to put those products or services on what’s called the procurement list. Once it’s on the procurement lists, and this is the magic of the program, federal agencies more or less have to buy that product off of that list. So we’re very judicious about what goes on the list and very careful about ensuring that it’s a fair price for the agencies. We’re not trying to absorb all of an agency’s budget. And through a very small investment of federal resources through that mechanism, we have in effect been able to create in the private sector about 39,000 jobs for people who are blind or who have severe disabilities. So again, we need to work through the central nonprofit agencies, the CNAs as we call them. They’re essentially our partners. The agency itself is a very small agency, but because of this unique partnership, we can actually effect a very significant market out there and that pays off in jobs for people who need them, people who otherwise have a difficult time cracking the federal workforce and competing for jobs. Terry Gerton Ms. Zeich, let me follow on with you. Mr. Hogue has talked about how the contracts work, but there’s recently been some rule changes about limiting competition for ability one service contracts. So how are you balancing these new procurement rules with your responsibility to protect jobs for people who have, as Mr. Hogue said, significant disabilities? Kimberly Zeich To take the partnership construct one step further, the AbilityOne Commission is comprised of 11 federal executives and four private citizen members, all appointed by the President. And they’re responsible for making the decisions and determining the strategic direction of the AbilityOne program. When it comes to something like introducing competition, which we did not have previously within the AbilityOne program, the AbilityOne program normally falls within the exceptions to the Competition in Contracting Act. But we have been implementing some recommendations that were made by a government-wide panel to increase accountability and integrity across the AbilityOne program. The limited competition model strikes a balance because it is looking at several factors. We want to afford AbilityOne customers an opportunity to take a look at the different approaches, opportunities for innovation and responsiveness among AbilityOne contractors, but we will balance the other factors, the employment, the training, non-price factors, as well as price factors, to make sure that those limited competitions result in the best outcome for the government and for the AbilityOne program. Terry Gerton Well, your real focus is on the people who are doing the work that are fulfilling these contracts. And you recently drafted a new career development policy for your participating employees. Tell us about that and how it’s going. Robert Hogue If I could jump in on that one, I would say first, yes, our mission is to help create jobs for people who are blind or who have severe disabilities, but it’s not just the job itself. We’re actually trying to bring them into the workforce, and I think the President’s guidance when he originally took office this term made it very clear he wants to bring in people who come from communities that face those kinds of challenges and bring them into the workforce. So we’re not just looking for jobs. We’re looking to help people build careers, hopefully, and what we’re trying to do right now — and Kim, I think, can address this in more detail than I — but we’re trying to make sure that the nonprofit agencies are looking at career development, that training is available and longer-term prospects are on the table. Terry Gerton Ms. Zeich, tell us how you’re engaging your partners in this career development exercise. Kimberly Zeich The commission is working through our central nonprofit agencies, National Industries for the Blind and SourceAmerica, to gather facts, best practices, ideas, as well as resource needs, from the AbilityOne federal contractors, that’s our network of nonprofit AbilityOne employers, persons who are blind or individuals with significant disabilities, so that we can find out, what’s working today? To what extent do we have career development, training, career mobility, whether that’s lateral upward or outward, across the AbilityOne network? And how can we take into account those great ideas before we finalize a commission guidance on the subject? Terry Gerton I’m speaking with Kimberly Zeich, she’s the executive director of the U.S. AbilityOne Commission, and Robert Hogue, the chairperson of the commission and also the principal deputy assistant secretary for manpower and reserve affairs at the Department of the Navy. Mr. Hogue, let me come back to you. There’s been some pushback about the AbilityOne program and some folks have called for its phase out. What is your response to that, and what did critics maybe misunderstand about the AbilityOne program? Robert Hogue Well, thanks for the question. I think there is a great deal of misunderstanding out there about the program. First of all, I’m aware that some individuals out there believe that the AbilityOne program is only able to provide essentially janitorial, service-type jobs out there. It’s not providing those high quality jobs and therefore you could measure the value of that service by whatever your particular standard is and decide it’s not worth keeping. I would challenge that assumption. Yes, it’s true, we do take care of some buildings, some groundskeeping, those jobs are there. And those jobs, by the way, do return value to the individuals that hold them. But we aspire to much more than that. And if I could, I would say we’re working with some federal agencies right now, and particularly inside the Department of Navy, to try to identify higher-end, what I consider to be higher-end jobs, engineering type jobs, or engineering technician type jobs with defense contractors that are through the mechanisms that we already have in place. The major commands in the Department of the Navy can set aside some of those kinds of positions, assuming that the commission can find employees to fill those jobs. So we’re working on that kind of a thing. And I think the people who are interested in shutting us down are again, primarily focused on the wrong type of employment. I would also say the commission isn’t what’s important here. Shutting down the commission doesn’t do anything. It puts 25 or so people out of a job, assuming they can’t find a transfer to another position in some other agency. That’s not really the issue. The only reason I’m here, the reason I was attracted to this work in the first place, and the reason, I think, people come and stay is because of the mission itself. We are helping people with severe disabilities, blindness and things of that nature to try to find gainful employment, to make sure that they get the rewards that employment brings to individuals, not just taking care of themselves, sometimes their families, and achieving a larger public policy purpose, and that is ensuring that the government doesn’t have to take care of people who can otherwise care for themselves. Those are laudable goals, which I think could easily be squashed if the commission was put out of business for the wrong reasons. Terry Gerton Well, Ms. Zeich, let me follow up with you. That mission that Mr. Hogue just articulated is really powerful. How are you addressing some of the particular issues, like ending subminimum wage or combining competitive employment for the population that you serve? Kimberly Zeich Thank you for that question. And Mr. Hogue addressed some of the criticisms that some organizations have of the AbilityOne program, I’d like to look at the other side of that to say we have also taken some of those critiques as opportunities to improve the AbilityOne program. So the commission eliminated the use of any subminimum wages across the AbilityOne program in 2021. The commission issued a policy that’s been fully implemented. The commission has also been working on several ways that we can have more integrated workplaces across the AbilityOne program, which speaks to competitive integrated employment, or CIE. That competitive integrated employment is about competitive wages and benefits, opportunities for career mobility or career advancement, like anyone without disabilities and opportunities to work in an integrated setting. So we’ve been really driving the AbilityOne program closer and closer to that model of employment. Terry Gerton What are some of the best practices that you all have learned within the AbilityOne program that agencies across the government could learn from in how they deal with individuals in their own workforces who may have disabilities? Kimberly Zeich That’s a great question. And I know that the federal government is a model employer of Americans with disabilities. At the same time, I would remind all of my federal colleagues that providing adaptive technology and reasonable accommodations is typically very straightforward and very affordable. And I would also want my colleagues to know that the AbilityOne program can be an excellent talent pool for federal agencies. We have individuals with disabilities who are interested in upward mobility or outward mobility. We have seen employees go from AbilityOne jobs into federal jobs, so that can be an excellent career pathway. Terry Gerton Thank you. And Mr. Hogue, let me come back to you. As you think about the future of the AbilityOne program and where you see it being able to have impact, are there particular asks that you might have of Congress or the federal government to help you accomplish that vision? Robert Hogue Yes, there are, actually. I would start with, we have a new administration, several months into this, obviously. It’s important to have the support of the administration, or at least the understanding of the administration, and I feel very fortunate that this administration has shown that they have an interest in the program. I think they understand the mission and they have been supportive of the ways in which we’re trying to execute the program to meet not only program goals, but also to align with the Presidents’ mission itself. And so I’m grateful for the administration support we’ve had so far, and that includes budgetary support. From the Congress, mostly what we need from the Congress is what’s most obvious, is we need some resourcing. We have a small agency that requires staff and very small things like an IT budget and an IG office and things of that nature. We need those resources, as every agency does, to operate. But in addition from Congress, we need their interest. We need for them to be aware of what the agency is actually trying to accomplish. We will get good ideas from congressional staff. We had meetings with them already this year. Those return fairly productive conversations that highlight ideas that we can act on and that they can act on. So their interest is very important to us as well as the resources.The post AbilityOne expands economic opportunity for people with significant disabilities first appeared on Federal News Network.

The IRS furloughed nearly half its workforce earlier this week, but is now warning remaining staff they may also be sent home — at least temporarily — if they take too much leave during the government shutdown. The agency is telling shutdown-exempt employees that they will be furloughed if they take more than eight hours of leave per pay period. Two IRS employees told Federal News Network that the policy change was communicated verbally to the workforce, and that no email or memo was sent. Federal News Network also obtained a recording of an IRS manager communicating these changes to employees. The IRS and the Treasury Department did not immediately respond to a request for comment. According to these sources, IRS employees were told that if they take more than eight hours of leave per pay period, they will be furloughed for the remainder of the pay period, and “may or may not” be called back to work during the next pay period. According to employees, management pulled them aside on Thursday and informed them about the new payroll and timecard changes. “I was told I would be furloughed for the remainder of the pay period, due to taking more than eight hours of leave in a pay period,” one IRS employee told Federal News Network. The employee said they had just signed paperwork outlining that they are exempt during the shutdown, and that leave and pay would continue as normal. The employee’s furlough exemption states that they should continue working during the shutdown, as of Oct. 8. “All your time reporting, leave, and pay remain as usual,” the notice states. The IRS, which is preparing for next year’s filing season, kept all its employees on the job for the first five business days of the shutdown. But its initial contingency plans didn’t specify what would happen if a lapse in funding extended beyond Oct. 7. The employee said they were given a standard furlough notice. The template notice on the IRS website states that furloughed employees are guaranteed back pay once the shutdown ends. But on Thursday, the IRS walked back that guidance that included the back pay guarantee. The IRS is now deferring to the Office of Management and Budget, which on Tuesday floated the possibility that furloughed federal employees would not be guaranteed back pay. The employee said their furlough notice email “mysteriously disappeared from my work email.” A copy forwarded to their personal email, however, remains in their inbox. Legislation that President Trump signed in January 2019, which ended a record 35-day government shutdown, guarantees back pay to these employees once any shutdown ends. The exempt employee was told they will return to work later this month, but they have been unable to get this update in writing. “I asked for a guarantee that I would return,” the employee said, but their direct manager said they couldn’t make that promise. According to a second employee, individuals who have been furloughed for taking more than eight hours of leave in a pay period will be brought back to work the next pay period, but was told “it’s not definite.” The IRS, in updated contingency plans it posted Wednesday afternoon, plans to keep 53% of its employees working, as the shutdown enters its second week. A majority of them work in public-facing taxpayer services positions. The agency began an “IRS-wide furlough” on Wednesday morning, “for everyone except already-identified excepted and exempt employees.” The IRS is preparing for next year’s filing season and scrambling to prepare for major changes to the tax code as part of the “Big Beautiful Bill” that Trump signed into law in July. Some of those changes will go into effect as soon as next year’s filing season. Former IRS Commissioner John Koskinen told Federal News Network on Wednesday, prior to this new leave policy, that he would “be very surprised if much of the remaining workforce was furloughed.” “The Constitution clearly states that ‘emergency’ employees, who can work without an appropriation, are those involved in protecting life or property. Property includes federal tax revenues. So there is no reason to furlough those in the IRS working to prepare for the start of the filing season beyond the customer service employees,” Koskinen said. Larry Gibbs, another former IRS commissioner, agreed that furloughs could hamper the agency’s preparations for next year’s filing season. “The filing season next year has many risks. Current furloughs are one of them,” Gibbs said.The post IRS says shutdown-exempt staff face furloughs if they take too much leave first appeared on Federal News Network.

This column was originally published on Roger Waldron’s blog at The Coalition for Common Sense in Government Procurement and was republished here with permission from the author. Last month, the FAR & Beyond blog highlighted the importance of the formal rulemaking process in cementing the regulatory streamlining accomplished during Phase I of the Revolutionary Federal Acquisition Regulation Overhaul (RFO). Robust, consistent, and transparent public rulemaking will ensure a sound, fulsome consideration of the regulatory changes. Given the significant changes across the entire FAR, it is critical that the public be given sufficient opportunity to examine, analyze, and provide comment on the changes. For example, key stakeholders should have the opportunity to share their experiences operating under the RFO deviations. Are there lessons learned that can further enhance and/or streamline the regulations? Are there additional opportunities to reduce barriers to entry for commercial firms? Are there any unintended consequences where refinements to the regulations can be made to achieve the RFO’s streamlining goals? A positive, engaged rulemaking process is a major step in ensuring the success of the RFO. The FAR, as transformed by the RFO, is the framework by which the government and industry transact business in support of the federal mission. As such, it is fundamental to the RFO’s success that an engaged, empowered acquisition workforce leverages the new flexibilities to deliver timely, best value mission support for customer agencies. The acquisition workforce includes those in the government and the private sector. It will be important that the acquisition workforce understands the RFO’s underlying philosophy and strategic goals. In addition, providing guidance, context and training on the RFO’s flexibilities, nuances and discretion-based decision making is critical. Contracting officers must be willing to embrace and exercise the discretion the RFO has empowered them with to make sound, best-value business decisions. To this end, the FAR Council has developed resource materials to support the acquisition workforce in understanding and applying the RFO. Acquisition.gov includes a host of resources for the acquisition workforce. The “FAR Companion” is a consolidated guide that includes practitioner tips and how-to procedures for the acquisition workforce. It also provides helpful context on the goals of the RFO. There are also RFO Practitioner Albums that provide context on the changes in each FAR Part and guidance on implementation/application of the new rules. For example, the Practitioner’s Album for the various new FAR Parts include “Smart Accelerators” that provide guidance on acquisition techniques and practices. These resources are a positive step in developing the intellectual and practical guidance supporting the RFO. The acquisition community looks forward to the RFO’s “Buying Guides” as the next step. Finally, the Federal Acquisition Institute and the Defense Acquisition University will play leading roles in ensuring the acquisition workforce has the resources to embrace and execute the RFO. The guidance materials developed for the acquisition workforce in support of the RFO are the building blocks for operational success. Management accountability to the RFO’s goals will also be crucial. Accountability will ensure consistency in application of the new business rules. Inconsistency drives risk, and increased risk translates into higher prices and costs for both contractor and customer. It will take a significant effort across all management levels of the acquisition workforce to embrace the RFO. The post The next steps in the Revolutionary FAR Overhaul, continued… first appeared on Federal News Network.

Interview transcript: Terry Gerton We’re looking now at the deferred resignation program sort of in the rear view mirror. When you think retrospectively, what was so unusual about this program and the way it was structured? Michael Fallings Well, I think from the beginning, how it was disseminated to employees and the structuring from that was unusual, because employees were given a short time frame to make a decision on whether to enter the program. And then even after that deadline, a number of employees experienced issues, as far as whether they were even eligible still for the program, whether they were violating the agreement or whether even the government was violating the agreement during that period of time. Our firm had fielded a lot of consultations and clients retained us because of issues employees were having during the program period. And then there were subsequent offerings of the DRP to employees which still contained unclear messaging about the eligibility for those employees and what the agreement was actually saying. Terry Gerton As you talked to folks who were considering taking it or took it and then lacked clarity, what were some of the biggest lessons learned or insights that you discovered as you got a better picture of the program? Michael Fallings I think one of the main issues, I guess lessons learned, was eligibility for the DRP and voluntary early retirement. We found there were a lot of employees that were told they were eligible for that, which then actually they weren’t. So I think a lot a of learning lessons for people was really not to just act so quickly without consulting with an attorney or actually doing some fact checking on their own end. I think that’s probably the biggest lesson learned. I think there have been issues, as well, as far as just what employees could have done during the period, during the DRP period, as far as where they were working and then what debt was owed still to the government. There were clauses in the agreement about debt would be waived, but it turns out not all debt applied to that. And then as far as where they’re working, we’ve had employees that were working, that started working in other locations, then were found to be in violation of the agreement. So again, it goes back to that just, well, what was in the agreement may have been stated to be too good to be true. And really those employees didn’t really, or should have done some more fact checking to confirm that they were eligible for working at a certain place or what debt they may have owed to the government was waived or not. Terry Gerton I want to come back to the debt and employment piece, but I want to first ask as this rolled out because it’s sort of been on the street now for about six months, did you find that the government clarified any of these issues as the waiting period kind of rolled through? Michael Fallings Well, it attempted to. After the DRP was announced, OPM did issue a FAQ on its website and attempted to clarify several questions. But then there were still more questions. There was still more clarity that needed to be made. And then certain agencies were trying to deal with them on a situational basis. So they attempted to, and those agencies attempted to as those issues arose, but it wasn’t across the board. Terry Gerton Tell us now more about the debt issue particularly. What kind of debt is at stake here, and how should employees or former feds be thinking about what they owe and what the government owes them? Michael Fallings Well, yes, the agreement, a lot of the agreements originally said that pretty much all debt owed to the government was waived. But as it turns out, we’ve had clients that are still being told they owe debt for overpayment, perhaps student loan debt. And so for those employees, now they are having to either pay that debt or seek a waiver with DFAS of that debt, or work out a payment plan. So that’s what those employees could try to do now. Or, they could try to challenge the debt and challenge that they owe it through DFAS. Terry Gerton I’m speaking with Michael Fallings. He’s a managing partner at Tully Rinckey. And one of the other issues that came up pretty frequently when the program first rolled out was whether someone who took the DRP and was basically on paid administrative leave could take other employment. How has that worked out in practice? Michael Fallings Yeah, it’s been situational. I mean, I think some employees have been able to work, but some employees that did seek work were found in violation or they were told they could not work in a specific location. Now, most of these agreements did say that they should consult with the agency’s ethical office or whatnot, but it still wasn’t exactly clear what was off limits because they were still employees. Employees had questions during the DRP period about whether they should just resign and then take the position that they were seeking or not. And that was a question that some employees found that they’re in trouble for because they didn’t resign and they were still seeking benefits from the government. So that’s how it’s really played out, it’s been situational mainly, where some employees have been able to work and haven’t suffered any issues, while some employees who were found in violation are now being told they have to pay back money to the government. Terry Gerton Now that the program has ended, for folks who participated in it, what should they be expecting in the resolution of their claims, their discharge, their retirement, how is that playing out? Michael Fallings Well, now that these employees are now no longer federal government employees, they should have hopefully received their official personnel file. They’re still eligible to return to the federal government if they would like to, but they’re no longer receiving that benefit. If they are retirement eligible, then perhaps there’s an annuity still coming to them. If they’re not, then they’re no longer receiving any kind of payment benefit and they are permitted to work wherever they want now. If they have claims against the government, they can still pursue those. There’s, again, a lot of employees that I think still have questions about whether they receive their full benefit or not from the government. And for those employees, they should seek to try to file claims regarding their benefits, whether it’s with the agency itself or the Office of Personnel Management. Terry Gerton So the fact that the DRP ended on the day before the government shutdown began could have some consequences here. How do you think the shutdown will affect the wind down of DRP programs and the individuals affected by them? Michael Fallings It will likely delay any kind of processing of separations for the employee or any claims that those employees seek to file. Hopefully, it’s not a lengthy delay for those employees, but with the shutdown, a lot of agencies, a lot of personnel aren’t able to process paperwork, to separate those employees or to process claims of those employees. Terry Gerton So that leaves, perhaps, people in a limbo status for a while. Michael Fallings Yeah, it does. I mean, I think there’s a lot of people, DRP or not, that are in limbo status, but especially those that were supposed to not be employees as of September 30th, and perhaps are still waiting on certain documents, a last payment, perhaps, or whatnot. Terry Gerton The DRP was really a first-of-its-kind program here. So people didn’t know how it was going to roll out, exactly what the rules would be. As you look back at it now, what do you think are the most important lessons maybe that the government learned if they were going to try to do something like this again? Michael Fallings For the government side, I think take its time and make sure they’re following the correct procedures. A buyout offer, I guess, is not uncommon, at least in the private sector, when trying to reduce the amount of employees, but it needs to ensure it’s complying with regulations. It needs to have a clear messaging so employees know what they’re eligible for and what their rights are as well. And it needs to be consistent across the board. I mean, the government is a large employer and there’s several different agencies where agency heads were saying one thing and another agency head was saying another. So there needs to clear and consistent messaging. I think that’s a learned lesson as well.The post The Deferred Resignation Program left federal workers confused, and many still don’t have answers first appeared on Federal News Network.

Interview transcript:  Terry Gerton Booz Allen has just announced an extension of your partnership with SEEQC to solve some big hurdles in quantum. Tell us about what you’re working on and how this partnership advances them. Bill Vass Yeah, so this is in the quantum computing space. And so one of the biggest challenges with quantum computing is error correction. So they’re very noisy. Your current computers, like your iPhone, or your Android phone, or your laptop, whatever you happen to be using, it does have error correction code because there are literally alpha particles coming from space and flipping bits on the memory, but you don’t know it because the error correction code is there to do that, otherwise it’d be crashing all the time. But there’s a very small amount of that happening, and a very small amount of compute applied to error correction. In a quantum computer, because you’re dealing with operations on small atomic particles that you’re sort of building in the circuits of the quantum computers, basically molecules, if you want to think of it that way, are the circuits you’re putting together and you’re entangling them and operating on them in superposition. They’re very susceptible to the slightest amount of interference from the real world. So you often see them with big cryogenic stacks because they operate at very low, close to absolute zero, as close as we can get at temperatures. That’s to remove vibration. In almost all cases, they’re operating with as little vibration as possible. And any vibration is an error. Electromagnetic fields causes an error, the quality of the fabrication causes an error. So there’s a very large amount of compute applied to error correction in quantum computing. And what SEEQC is doing is working to reduce that and make it much easier to do error correction so that you can have what’s called logical qubits, or qubits that are error corrected that we can use to do amazing things as quantum computers advance. And so that, plus they’re moving a lot of the compute for error correction into the cryogenic stack rather than having to have wires running to the outside that you currently have today, which makes the quantum computer much smaller. The first machines that will come out today, over the next maybe five years or so, will be as big as a football field for one machine. So that’s not so unusual. I mean, the old ENIAC, remember the tubes, everything was big and it just gets smaller and smaller. This is the first iteration of these. And what SEEQC is doing is building not the qubits necessarily, which are the processing components of a quantum computer, they’re building everything around the qubit to make the computer smaller and more reliable and more error corrected. And so we’re writing the firmware for that at Booz Allen and that’s part of our partnership. Terry Gerton You’ve said that this partnership will do amazing things and deliver mission-ready quantum solutions. What kind of real-world missions are you going to tackle first? Bill Vass So the first quantum computers will have tremendous impact on what we call material sciences because a classical computer attempts to run a simulation to help design materials, but classical computers don’t work like a molecule. A quantum computer works like a molecular. So it’s really good at doing chemistry and chemical simulation. So for example, a lot of the things that we’ve invented throughout human history, we’ve accidentally discovered in the labs. I mean, from gunpowder to, you name it, we discover it, and then we’re like, oh, okay, but it would be much nicer to say, what we’d like, for example, is a high temperature superconductor, what formula would provide that? And with a classical computer, you can’t run those kinds of things, but with a quantum computer, you can. So the big impacts at first will be on chemistry, and physics, and on material sciences. And you’ll be able to start seeing effects around a hundred error-corrected qubits, which is going to be millions of physical qubits, because a lot of compute on error correction to get a little compute done. And then, about 2030-ish, you’ll start to get to around 1,000 error-corrected qubits, and then our lives will be changed significantly by quantum computers, because at that time you’ll be able to do really sophisticated reverse engineering of material sciences, and later as you get more in the 2,000 to 3,000 errors-corrupted qubit, then what the government worries about is you can break cryptography with a quantum computer, and that’s why you to start doing post-quantum cryptography now, so that anything being transferred over the network is encrypted with something the quantum computer can’t do. So I think that’s important to understand. Terry Gerton I’m speaking with Bill Vass. He’s Booz Allen’s chief technology officer. Bill, what you just said sort of broke my brain a little bit, but when I’m thinking about the speed of AI and how hard of a time we’re having adapting to that, it sounds like quantum will be even a bigger shift. I wonder, back to sort of the conventional consulting space, how do we build a workforce for this new environment? How is Booz Allen building your own and how are you advising clients? Bill Vass Yeah, so we have been hiring, I would say, exquisite PhDs right now, and then also bringing in interns and training them in this space. And Amazon did the same thing when I was doing the quantum services at Amazon as well, and lots of people do. Quantum computing is quite a different way of thinking. AI is sort of going to be ingrained in everything we do. But quantum computing is a completely different way of thinking about computing as an analog system, it’s a different way of programming. You’re basically, like I said, creating molecular circuits in the machine’s memory versus connecting together a bunch of steps in a piece of software. And so it’s very different way. So we are going to require a significant amount of training for people to begin to understand that. I mean, in AI, we trained up about 3,200 people at Booz Allen, early days, in AI. We’ve got a lot of AI experts, we’re literally the top AI deliverer for, or implementer for, the federal government today. And we have a lot experience there. And I think we’re probably one of the leaders in quantum as well. And as building that out, as it becomes more real, like I said, we’re doing a lot today with quantum sensing and we’re doing a lot to get ready for quantum computing as it continues to evolve and make sure we understand that. But it is, I think it is a challenge, it’s a very different way of thinking and there’s a very small pool of people who understand it today, relative to the rest of computing. Terry Gerton Well, that sort of leads me into my next question, because you’ve called this a critical moment for US quantum leadership. But if the people who understand this are in short supply, what needs to happen either technically or politically to make sure we stay ahead? Bill Vass Well, I think you need to be investing in the supply chain for the quantum computers, both the materials and the manufacturing, you need to be investing in the supply chain for the individuals. So proper training and understanding, and the universities that are going to, that this is going to come out in, or the research labs it’s going to come out in. There is already a lot of government investment in the research labs and the intelligence agencies and a number of other places in quantum. In fact, like so many things, quantum came out of the government, like integrated circuits did, like GPS, like the internet and all these others. Early investments, when I was the chief, one of the chief information officers at the Pentagon in the 90s, I helped to sponsor funding for the early quantum computers that were being built at that time, which is when I first got more familiar with quantum computing. But there’s a lot, quantum computing is, there’s really two fundamental things that are very hard to understand because they’re based on quantum. The first is called superposition. And so when you’re operating on the qubit, it’s in every point of a sphere at once until you measure it. And the second one is entanglement, which allows you to force the molecule or the circuit to do what you want by entangling them together. And entanglement is one of those things, if anyone tells you they actually understand how it works, it’s kind of a chemical bond between two atomic particles that you create in the machine. We know what it does but no one knows how it works, and the way I would describe that is — I’m a motorhead, I understand everything about cars, all the cylinders or the electronics, and I can drive a car, and my wife can drive just as good as I can, but she doesn’t understand anything about the engine or any of those other things — so we can drive superposition and entanglement without fully understanding how it works. But it is a little bit of the frustrating part for me in quantum computing, because I’m one of those people who like to know how everything works, and we know what it does and how to implement it, but we don’t really understand the fundamentals of some of it.The post Quantum computing – it’s still confusing, but now it’s mission-critical first appeared on Federal News Network.

When it comes to technology modernization and cybersecurity, some agencies are in danger of getting left behind. The reason is simple, said Kelvin Brewer, the director of public sector sales engineering at Ping Identity. Legacy systems that aren’t capable of supporting modern identity credentialing and access (ICAM) management capabilities, he pointed out. Agencies carrying a large amount of technical debt will struggle to keep their systems and data secure and put their zero trust implementations at risk, Brewer said during Federal News Network’s Cyber Leaders Exchange 2025. “All of that legacy stuff gets left behind and becomes a target for infiltration, for bad actors. If we’re truly going to be zero trust, one of the things that needs to happen is we need to keep supporting the legacy technologies that are probably still going to take a while to get replaced. Maybe, some of the things will never get replaced,” he explained. Why flexible identity service matters in government The ICAM model must also adapt to the different missions across the federal government that in turn require a variety of technologies. “There’s no way to standardize on one thing, like just software as a service,” Brewer said. “There’s no way to standardize on that and have a truly zero trust framework for an agency because a lot of agencies have many different departments that that need multiple different types of identity solutions.” He offered an example. Some parts of the Commerce Department have moved entirely to the cloud and can lean on using an identity management application that can integrate across all systems. But other parts of Commerce still require ICAM capabilities on premise and in the cloud. Still others will never be able to move systems into the cloud. “One of the challenges with really getting to a place where you’re comfortable with your zero trust framework is having the ability to say, ‘We have a flexible identity solution to be able to meet all of our needs,’ ” he said. Brewer recommended that agencies “get a solution that’s going to augment what they have already got because there’s serious technical debt that’s been put into an existing identity management solution that’s meeting the 70% to 80% of the use cases today. But there’s just that high exposure of those other use cases that it can’t do because it’s a legacy system.” Why ICAM should use risk-based authentication decisions Agencies usually have two choices: They can replace their legacy systems and move to a new ICAM system, or they can augment existing identity management capabilities. Brewer said these challenges only increase when agencies are at the edge or in low-bandwidth environments. “There are situations where we’re deployed out to a backpack, and the backpack itself has a really low bandwidth Wi-Fi antenna that the phone can connect to. They can then authenticate into the solution right on their phones and communicate with something that may be collecting intelligence data or doing something of that nature,” he said. “There are use cases like that all over the place where you don’t want to be connected to the web, and what you’re trying to do is allow somebody on that tactical edge to be able to connect to a solution. But they need to authenticate in, and they need to then be provisioned the right access based on their role. You can’t just assume that just because they can log in, they should get access to anything.” Brewer said all of these use cases come down to the simple idea of making risk-based decisions for how and the type of ICAM system implemented. “We don’t want to over verify or over prompt for multifactor authentication or any of those things. What we want to do is be constantly checking risk, and that’s where these risk solutions can help,” he said. “They’re so important because what they do is they look at the signals, including outside signals, and identify if the person who is coming in is the right person. We can check all sorts of signals, things like keystroke speed and things like that. We can do user event behavior analytics that allow us to see anomalies that then say this is an increased risk.” Discover more articles and videos now on our Cyber Leaders Exchange 2025 event page.The post Cyber Leaders Exchange 2025: Ping Identity’s Kelvin Brewer on ensuring flexible identity service first appeared on Federal News Network.

Federal agencies are facing a growing cybersecurity challenge as operational technology systems converge with traditional IT environments. Michael Overstreet, director of security solutions engineering for U.S. public sector at Cisco, joined Federal News Network’s Cyber Leaders Exchange 2025 to discuss how agencies can manage this complex threat landscape and avoid serious consequences. The convergence of IT and OT has expanded the attack surface across federal networks. Devices that were once isolated, like heating and air conditioning systems and airport sensors, are now network-connected and often cloud-enabled. That connectivity brings both efficiency and risk, Overstreet said. “Now, those things are very smart enabled, and they reach back to maybe an application running in a cloud,” he said. “That opens the door for an adversary to take advantage of a way into the network.” Be aware that OT devices open the door to new threats As agencies modernize their infrastructure, the integration of smart devices into operational environments has become routine, he said. These devices, once standalone systems, now communicate across networks and interface with cloud applications. While this connectivity improves efficiency and data sharing, it also introduces vulnerabilities that adversaries can exploit, Overstreet pointed out. The shift from isolated to interconnected systems means that a breach in one device could potentially compromise an entire network segment. The problem is compounded in classified environments where insider threats remain a top concern, Overstreet added. OT systems in secure facilities may be segmented, but they’re not always isolated. That creates new vectors for data exfiltration and disruption, especially when agencies lack visibility into how these devices operate, he said. “You can’t protect what you can’t see,” Overstreet said. “If you don’t understand what’s coming on the network, discover those and continuously monitor those devices’ activities on the network, you can’t defend it.” Cisco is working to address these challenges by offering a unified security architecture that spans both IT and OT domains. Overstreet pointed to tools like Cyber Vision, Identity Services Engine, and Secure Firewall as part of a broader strategy to implement zero trust and enforce segmentation. Make visibility and segmentation central to defense Overstreet emphasized that visibility is the cornerstone of any effective cybersecurity strategy. Without a clear understanding of what devices are present and how they behave, agencies are left blind to potential threats. Cisco’s approach involves continuous monitoring and dynamic segmentation, allowing administrators to isolate suspicious activity before it spreads, he said. This strategy not only helps protect sensitive data but also ensures operational continuity in mission-critical environments. The company’s recent acquisition of Splunk adds another layer of insight that permits agencies to monitor network behavior in real time and respond to anomalies more effectively, Overstreet said. He emphasized the importance of building trust across the entire environment, from switch to cloud to endpoint, and aligning with federal standards like those from the National Institute of Standards and Technology and FedRAMP. Artificial intelligence and automation are also playing an increasingly larger role in federal cybersecurity. Cisco has been using machine learning for years, but Overstreet said newer generative and agentic AI models are helping analysts move from reactive to proactive defense. That includes training AI systems to follow playbooks and enforce policy automatically to reduce the risk of human error during incident response. But Overstreet cautioned that technology alone isn’t enough. Agencies need skilled personnel who understand IT and OT systems as well as the cybersecurity principles that govern them. Take proactive approach to security The evolution of AI in cybersecurity is transforming how federal agencies respond to threats. Instead of waiting for alerts and manually investigating incidents, analysts can now rely on intelligent systems that detect anomalies and initiate response protocols. Cisco’s integration of AI into its security stack enables predictive analytics that help agencies anticipate attacks before they occur. This proactive stance is especially valuable in environments where downtime or data loss could have national security implications. Finding people with the skills to manage in this environment can be challenging. Overstreet described the ideal candidate as someone with cross-domain expertise, comfortable with TCP/IP and cloud infrastructure but also familiar with SCADA protocols and zero trust frameworks. Collaboration and communication are just as important, especially as IT and OT teams are forced to work together more closely. Training and hands-on experience are key to building that workforce. Overstreet said certifications can help, but real-world exposure is the best teacher. Agencies should invest in tabletop exercises and incident simulations to prepare their teams for the unexpected. Looking ahead, Overstreet highlighted several emerging technologies that could reshape the IT-OT interface. Advances in identity-based zero trust, quantum-resistant cryptography and embedded threat detection at the industrial edge are all on the horizon. AI will continue to move closer to OT environments, enabling faster and more precise responses to malicious activity, he said. The goal? Build resilient architectures that support operational continuity, even in the face of evolving threats. Overstreet’s message was clear: “The complexity of modern federal networks demands a unified approach to security that blends technology, strategy, and human capability.” Discover more articles and videos now on our Cyber Leaders Exchange 2025 event page.The post Cyber Leaders Exchange 2025: Cisco’s Michael Overstreet on securing IT-OT interfaces in federal networks first appeared on Federal News Network.

It is no secret that federal agencies are drowning in data. The chief challenge? Information is often siloed across different systems. Without a cohesive strategy to unify those silos, it is nearly impossible for organizations to gain a complete view of their data, making it difficult to act with speed, Bart Larango, strategic industry advisor for federal at Splunk. The challenge is becoming more urgent as agencies face growing cybersecurity threats and looming deadlines for initiatives such as zero trust, he said. That’s make the way that agencies establish a unified data strategy critically important, Larango said during Federal News Network’s Cyber Leaders Exchange 2025. “Typically, it’s not the technology or even access to the data that is the challenge,” he said. “It is how do they create a strategy around that? How do they create a people process and approach so they can have that unified view of their environment and their organizations to really speed decision-making.” Having the ability to bring data together quickly is essential, Larango said, because it enables agencies to compress the OODA loop — observe, orient, decide and act — which allows them to make decisions faster. “Having access to the data and bringing that together to make rapid decisions is really the key to a unified data strategy — and the key to unlocking the value and the potential from all of the data that an organization has access to,” he said. Align stakeholders to data strategy Once agencies have data and tools in place, those capabilities must be tied directly to mission outcomes, Larango said. Agencies need to answer why a tool or capability exists, how it supports stakeholders and what outcomes it delivers. “Being able to nest and align how those data streams, how the capabilities that are analyzing them all flow back to what the stakeholders care about, which is generally mission outcomes for their respective business units or mission areas,” he explained. “We need to be able to tie whatever technologies that we’re investing in back to how that delivers mission outcomes for all of the stakeholders. That’s really core to that unified approach. Without unified visibility, it’s very difficult to do that.” Tie capabilities optimization to mission outcomes Agencies also need to simplify their tool sets, Larango said. Too often, organizations have too many overlapping capabilities, which creates complexity for the workforce and drives up cost. “We’re only able to process a certain amount of information as humans, as individuals. So how can we minimize and simplify that, so that we can really focus on a core set of capabilities that aligns us to get after our mission outcomes much faster. It optimizes our spend and time — really from a workforce development strategy,” Larango said. Instead of spreading staff thin and training them on a wide range of tools, he recommends that agencies aim for a deeper understanding of fewer systems. After three decades of service training soldiers and civilians while in government, Larango said he has seen firsthand that technology alone is not enough. “Training soldiers and civilians on tools and optimizing environments, developing our workforce to actually use those tools effectively, is really key because at the core, it’s our people.” Discover more articles and videos now on our Cyber Leaders Exchange 2025 event page.  The post Cyber Leaders Exchange 2025: Splunk’s Bart Larango on why mission success hinges on unified data strategy first appeared on Federal News Network.

It’s never been particularly easy to be a senior government technology manager. But there have been some new wrinkles lately, including higher levels of budget uncertainty than usual, continued pressure to modernize systems while cutting spending and workforce cutbacks. All the while, government-unique acquisition and technology regulations haven’t eased up — at least not yet. So when it comes to selling to the government, sometimes a little empathy can go a long way, suggested Egon Rinderer, senior vice president for federal and enterprise growth at NinjaOne. “In the federal space, it’s always been a little bit easy to fall into that trap of thinking there’s always money, there’s always a budget, and even if the budget doesn’t pass, there’s a continuing resolution and other ways around it,” Rinderer said during a discussion during Federal News Network’s Cyber Leaders Exchange 2025. But he pointed out that federal leaders in reality are held to the same standards and regulatory standards as industry. Plus, security and compliance mandates are increasing. “We have to take a very pragmatic approach and say, ‘OK, what are the problems we’re trying to solve? And rationally speaking, let’s start mapping out ways that we can reduce spend. Let’s start mapping out ways that we can do the things that we have to do and meet the regulatory requirements with 30% fewer staff,’ or whatever that threshold is,” Rinderer said. Look to industry partners to help with workload challenges Rinderer said his company has seen recent firsthand evidence of the workload and staffing challenges in areas like contracts on the government side of the table, with some agencies seeing growing backlogs of contract actions that need careful review. “You have this nucleus of people who care deeply about doing their job the right way, and they’re being asked to do, in a lot of cases, more than I think is reasonable for a person to be able to do right. And you extrapolate that out into the day-to-day activities that are required just to run the infrastructure that’s required for these people to do their jobs, and it’s true in other areas like patching computers,” he said. “We hear a lot about public-private partnering and government working with the private sector to make things better. We need to take that very seriously as the vendor community. We should not be paying lip service to that. We need to really sit down and have those conversations with government leaders to help them through this situation because it’s not going to get any easier anytime soon.” Ask for reasonable technology ROI One possible starting point — even though it’s been a topic of discussion for decades — is helping agencies simplify their IT infrastructure. And those discussions, Rinderer said, need to start by placing a premium on “time to value.” Agencies, he said, can no longer be content with solutions that take a year or more to start proving their return on investment. “We also have this problem of legacy systems, and the people who are very good at them are either aging out or they’re leaving government and going to private sector for any number of reasons,” he said. “I think there’s another conversation to have around how costly those legacy systems are to operate and maintain. You should be looking at things and you should be asking hard questions of the vendor.” Rinderer suggested that agency IT chiefs directly ask would be vendors: “Look, I need something where the time to value is basically turnkey.” That’s where the industry has moved to, so it’s a fair expectation, he said. “If you’re looking at a platform and that vendor says, ‘Well, it’s going to take us X months to deploy, and then we’ll have to spend Y months migrating over your old system, and you should start seeing value within 24 months,’ keep looking. That is not the state of the art in modern IT tooling. It’s just not.” Seek ways to simplify endpoint management Rinderer said such simplification discussions aren’t just about big network infrastructure items but managing individual IT endpoints too, which have proliferated over the years as more mobile devices have been added to agency inventories. That’s one area where agencies should demand less complexity and are doing so, he said. “The legacy is you have a tool or platform that says, ‘Look, I’m really, really good at managing Windows machines or Linux machines or Macs,’ ” he said. “And what you’ll see is a vendor comes to the table at renewal time and says, ‘I’ve added some features, and I’m your endpoint management tool du jour, but I don’t manage iOS devices.’ That’s one of the more common ones that we see. ‘So you’re going to need this other tool to do that, but I’ve built integration with that other tool. Good news, right?’ In reality, the answer should be, ‘I am going to bend my product to manage your endpoints because I want to be your endpoint management tool.’ It’s a very simple conversation. Either you do that or you don’t, and if you don’t, you’re making excuses.” Discover more articles and videos now on our Cyber Leaders Exchange 2025 event page.The post Cyber Leaders Exchange 2025: NinjaOne’s Egon Rinderer on approaching IT consolidation with ‘empathy’ first appeared on Federal News Network.

The Domain Name System, or DNS — arguably one of the most critical protocols on the internet — has often been overlooked for years from an IT and cybersecurity perspective. For decades, DNS was largely regarded as a background function of the internet. Organizations set up servers and left them alone. That passive approach left them exposed as attackers learned to exploit vulnerabilities in the DNS protocol. “It’s the George Foreman grill. You put it in the closet, you lock it up, you never touch it again, so that it doesn’t go down. DNS has been kind of looked at that way because if it goes down, you can’t touch printers, servers, the internet — and we’ve seen that happen,” Chris Usserman, chief technologist for public sector at Infoblox, said during Federal News Network’s Cyber Leaders Exchange 2025. NIST guidance gives attention to potential DNS vulnerabilities But new guidance from the National Institute of Standards and Technology reflects growing recognition that DNS is not just a technical utility but a core component of network security. The update to NIST Special Publication 800-81r3, developed in close collaboration with industry, is the first major revamp to the document since 2012. It comes as attackers increasingly exploit DNS to spread malware, conduct phishing campaigns, steal data and disrupt essential services, Usserman said. “The biggest aspect of it was obviously NIST’s recognition that there are a number of their publications that constantly needed revamping, and they’re going to great efforts to invest in making sure that their directives, their guidance and recommendations to all of their consumers globally is now starting to move at the speed of technology — or at least closer to it,” he said. “Twelve years since the last update is a long time, but DNS has been around for over 40 years. We … helped NIST to understand why and how this needed to be updated and actually as it pertains to threat actor activity. It wasn’t a hard sell for NIST. They already had it on the books,” he added. Three pillars of secure DNS The guidance also formalizes the definition of “protected DNS,” Usserman said. The updated publication includes three foundational pillars: employing protective DNS, securing the DNS protocol and securing DNS infrastructure. Together, the pillars form the overarching framework for “secure DNS:” Securing the DNS protocol: “It’s not just Domain Name System security extensions as we traditionally refer to it, but using transaction signatures, encrypted DNS as part of the mandate from M-22-09 from the Office of Management and Budget, and better DNS hygiene around making sure that you don’t have names or subdomains that are out there that are just dangling out in the ether, because those have been exploited,” Usserman said. Securing DNS infrastructure: The guidance recommends deploying dedicated DNS servers separately from other core functions, ensuring resilience if one service or component fails. “Having high-availability DNS servers also allows for interoperability,” Usserman said. Employing protective DNS: “It is effectively a DNS firewall,” Usserman said. It blocks malicious delivery of malware, phishing attacks, et cetera. It allows for applying threat intelligence and getting better telemetry around adversarial activity and unwitting — and witting — insider threats, as well as being able to have forensic understanding for incident response purposes. That’s really the key component,” he added. Navigating federal challenges on tech and budget fronts For organizations already leveraging Infoblox for core network functions such as Dynamic Host Configuration Protocol, DNS or IP address management, adding protective DNS is relatively simple, Usserman said. “It’s easy to add on the licensing if we’re already there doing the DNS,” he said. “You just turn on the feature that does the inspection and allows for the aspect of saying, ‘Hey, this user or this user system or this connected device should not connect with somewhere on the internet.’ ” The challenges for federal agencies, however, are more about the environment in which agencies operate. For example, the federal government shutdown that began Oct. 1 after lawmakers failed to pass a continuing resolution to keep the government open through November. But Congress’ inability to pass spending bills on time is nothing new; agencies spend an average of four months a year operating under a continuing resolution. But when mandates come without money, organizations have little incentive or ability to implement them, Usserman said. “The general government budget cycle always lends challenges to implementing these types of things, and so they have to potentially reprioritize existing obligations to determine the criticality and better manage risk,” he said. In addition, DNS has long been treated as a back-end IT function, but protective DNS represents a shift that will encourage organizations’ IT and security teams to work more closely together, Usserman said. Discover more articles and videos now on our Cyber Leaders Exchange 2025 event page.The post Cyber Leaders Exchange 2025: Infoblox’s Chris Usserman on the benefits of protective DNS first appeared on Federal News Network.

As cyberattacks ramp up and challenge the continuity of government operations, federal agencies are shifting their cybersecurity strategies toward operational resilience. The goal? Develop  a proactive approach that ensures mission-critical functions can withstand and recover from digital disruption. Federal Chief Information Security Officer Michael Duffy has announced plans to hold a tabletop exercise on operational resiliency with other CISOs throughout the federal government. The Office of Management and Budget and Cybersecurity and Infrastructure Security Agency will partner to coordinate the exercise. “Convening all department-level chief information security officers to have that frank conversation through a tabletop exercise … that’ll make a difference,” Duffy said during the recent Billington Cyber Summit. “That’ll help me better understand where we need to shape the policy perspectives, the changes in the mechanisms that we have as an interagency for the foreseeable future.” Visibility critical factor in ensuring resilience Agencies have moved to adopt zero trust architectures and continuous monitoring techniques to protect their core digital services and operations. Jason Warfield, head of solutions and adoption engineering at Cisco ThousandEyes, said continuous monitoring is critical to how agencies architect their digital environments. “Continuous monitoring provides confidence that the services that are being developed and made available are not just up and running, but they’re performant,” Warfield said during Federal News Network’s Cyber Leaders Exchange 2025. “It’s not just about the performance of that actual service or application. It’s really what we refer to as the ecosystem that needs to work together to make sure that those services are being delivered consistently. They’re delivered at a high level, and the experience accessing those services are what’s expected.” Tracking services, analyzing behaviors Agencies are also increasingly relying on cloud services and third-party software. Federal officials are working to streamline security authorization processes for cloud technologies to take advantage of fast-moving digital services and improve security. OMB has also been advancing software supply chain security standards to ensure agencies aren’t relying on products with built-in vulnerabilities. “As these services are being built and developed, it’s essential to make sure that you’re constantly testing the performance of those prior to them being rolled out into a production environment,” Warfield said. “It’s important to have visibility, to be able to discern between: Is this an unexpected but nontargeted issue that’s impacting a service, or is this an actual attack? Having the visibility in real time to be able to understand what is preventing a service from being made available, and being able to quickly identify, is this a security related threat, or is this something that’s just an unfortunate issue that’s impacting that service at a point in time? Because the response to those is going to be very different.” AI, automation also critical to resilience Artificial intelligence and automation are also increasingly central to cybersecurity defenses. Warfield said he’s seeing AI used across the lifecycle, including “on the front end, from the initial onboarding, deployment, configuration of the platform to day-to-day operations.” Agencies have begun to use AI to more quickly identify potential cybersecurity threats or service issues. And Warfield said it’s also used to “translate things that can be very complex and technical into plain language that can be understood by a very broad group of people who can then either take the appropriate actions themselves or route those actions to the individuals or groups that need to respond.” What’s more, he pointed out, more often those responses are also being automated, he said. “That’s powered by really a combination of AI as well as automation, where if there’s things that have a predictable response, we’re seeing our customers essentially automate those and have the technology actually drive those, unless there’s a specific need for an individual to get involved in that process.” Discover more articles and videos now on our Cyber Leaders Exchange 2025 event page.The post Cyber Leaders Exchange 2025: Cisco ThousandEyes’ Jason Warfield on why continuous monitoring has become nonnegotiable first appeared on Federal News Network.

var config_5656849 = {"options":{"theme":"hbidc_default"},"extensions":{"Playlist":[]},"episode":{"media":{"mp3":"https:\/\/mgln.ai\/e\/345\/rss.art19.com\/episodes\/6d49fd06-d1c2-41f8-acf9-c24cc084d3ea.mp3?rss_browser=BAhJIg5Xb3JkUHJlc3MGOgZFVA%3D%3D--466d26bc6c0e932b4a48b1403433bf1814d4975e"},"coverUrl":"https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2018\/12\/FedNewscast1500-150x150.jpg","title":"Federal retirement claims drop in September","description":"[hbidcpodcast podcastid='5656849']nn[federal_newscast]"}}; The number of federal employees filing retirement claims in September was the lowest all year. Just over 6,300 employees submitted their retirement paperwork to the Office of Personnel Management. At the same time, OPM also processed the fewest number of current claims in September, just over 7,900. Despite the lower number of claims, OPM said it took six days longer, on average, in September than in August to process claims. The current retirement claims backlog is at 23,500, which dropped for the fourth straight month.(New federal retirement claims drop in September - Office of Personnel Management)The Merit Systems Protection Board officially has a quorum again. The Senate confirmed James Woodruff II as a board member Tuesday evening, in a vote of 51 to 47 along party lines. Normally, Woodruff’s confirmation would mean the MSPB could start issuing decisions on any cases that had been petitioned by an employee or agency. But due to the government shutdown, the effects of a lack of quorum will drag on. During a funding lapse, MSPB ceases all operations and cannot process any federal employee appeals. (Confirmation of James Woodruff II as MSPB member - U.S. Senate)Democratic lawmakers are also looking to protect federal employees and contractors from foreclosures, evictions and loan defaults. The Federal Employee Civil Relief Act, if passed would also protect against having a car repossessed or losing their insurance because of missed premiums. The bill has the backing of several federal employee unions and associations.(Warner, Kaine introduce legislation to protect federal workers during shutdown - Sen. Mark Warner (D-Va.))The IRS is sending mass furlough notices to employees and shuttering most of its operations. The IRS plans to keep 53% of its employees working, as the shutdown enters its second week. A majority of them work in public-facing taxpayer services positions. A notice sent to all IRS employees states furloughed and excepted IRS employees will receive back pay once the shutdown ends. That’s after the Office of Management and Budget on Tuesday floated the possibility that furloughed federal employees would not be guaranteed back pay.(IRS shutters ‘most operations,’ furloughs employees as shutdown continues - Federal News Network)Members of Congress are urging utility companies to give federal employees some leeway on their bills. Eight Democratic senators are asking for federal employees’ water, electricity and internet not to be shut off, even if they aren’t able to pay. The letters that were sent to several major utility companies come as hundreds of thousands of federal employees are currently furloughed and more are working without pay under the shutdown. (Letters to utility companies on shutdown - Sen. Chris Van Hollen (D-Md.))House Democrats are pressing Speaker Mike Johnson (R-La.) to bring lawmakers back to Washington early next week to vote on the Pay Our Troops bill. In a letter to Johnson, the group urged the speaker to bring the legislation to the House floor for a vote before Oct. 15, when nearly 3 million military families will miss their paycheck if the shutdown continues. Johnson dismissed House Democrats, saying the House already “had that vote.” “It’s called the continuing resolution. House Democrats are clamoring to get back here and have another vote because some of them want to get on record and say they’re for paying the troops. We already had that vote.” (House Democrats press Johnson to bring Pay Our Troops Act to the floor early next week - Federal News Network)The Senate this week confirmed two top officials at the Office of the Director of National Intelligence. Jack Dever is now serving as general counsel at ODNI. Dever started out his career as a signals intelligence officer and later served as assistant general counsel at the FBI and assistant U.S. attorney handling national security cases. The Senate also confirmed Chris Fox to serve as inspector general of the intelligence community. Fox is an Air Force veteran who has served in top posts at the Justice Department and the CIA.(DNI Gabbard welcomes Jack Dever as ODNI general counsel - ODNI)GSA added more vendors to the OASIS+ contract. More than 100 new vendors have a spot on the OASIS+ professional services multiple award contract. GSA announced the addition of 118 contractors, of which 112 are small businesses, on Monday. Across the seven domains under OASIS+, management and advisory services and technical and engineering services remain the most popular, with 72 new awardees each. GSA said it will issue a final notice to proceed for these new awardees no later than Oct. 17. This was the third set of awards under OASIS+ since April.(GSA adds 118 new contractors to OASIS+ - SAM.gov)Throughout October, MILITARY STAR card holders can shop at commissaries worldwide with 0% interest and no payments for three months. The limited-time offer is designed to help provide some additional financial relief during the government shutdown. The MILITARY STAR card is available to service members and their families, DoD civilians, retirees, Purple Heart recipients and eligible veterans. Congress created the program to provide affordable credit solutions to the military community. (Military Star card offers 0% interest, no payments for three months amid shutdown - Military OneSource)The U.S. Patent and Trademark Office is turning to artificial intelligence to help patent applicants. USPTO is launching an Automated Search Pilot Program to flag potential prior art issues for patent applicants. Prior art searches help inventors understand what’s already been patented. But USPTO said an exponential growth of prior art and the pace of technological innovation make it increasingly difficult to quickly discover the most relevant prior art. USPTO is using an internal AI tool to quickly search for prior art as part of the pilot. (USPTO to use AI tool for automated search pilot - Federal News Network)The post Federal retirement claims drop in September first appeared on Federal News Network.

Staffing shortages led to more flight delays at airports across the U.S. on Tuesday as the federal government shutdown stretched into a seventh day, while union leaders for air traffic controllers and airport security screeners warned the situation was likely to get worse. The Federal Aviation Administration reported staffing issues at airports in Nashville, Boston, Dallas, Chicago and Philadelphia, and at its air traffic control centers in Atlanta, Houston and the Dallas-Fort Worth area. The agency temporarily slowed takeoffs of planes headed to the first three cities. Flight disruptions a day earlier also were tied to insufficient staffing during the shutdown, which began Oct. 1. The FAA reported issues on Monday at the airports in Burbank, California; Newark, New Jersey; and Denver. Despite the traffic snags, about 92% of the more than 23,600 flights departing from U.S. airports as of Tuesday afternoon took off on time, according to aviation analytics firm Cirium. But the risk of wider impacts to the U.S. aviation system “is growing by the day” as federal workers whose jobs are deemed critical continue working without pay, travel industry analyst Henry Harteveldt said. The longer the shutdown drags on, the more likely it is to affect holiday travel plans in November, he said. “I’m gravely concerned that if the government remains shut down then, that it could disrupt, and possibly ruin, millions of Americans’ Thanksgiving holidays,” Harteveldt said in a statement. Transportation Secretary Sean Duffy said Monday that there has already been an uptick in air traffic controllers calling out sick at a few locations. When there aren’t enough controllers, the FAA must reduce the number of takeoffs and landings to maintain safety, which in turn causes flight delays and possible cancellations. That’s what happened Monday afternoon, when the control tower at Southern California’s Hollywood Burbank Airport shut down for several hours, leading to average delays of two-and-a-half hours. When a pilot preparing for takeoff radioed the tower, according to communications recorded by LiveATC.net, he was told: “The tower is closed due to staffing.” Nick Daniels, president of the National Air Traffic Controllers Association, said the shutdown highlighted some issues his union’s members already face on a regular basis due to a national airspace system that is critically understaffed and relies on outdated equipment that tends to fail. A couple of controllers missing work can have a big impact at a small airport already operating with limited tower staffing, he said. “It’s not like we have other controllers that can suddenly come to that facility and staff them. There’s not enough people there,” Daniels said Tuesday. “There’s no overtime, and you have to be certified in that facility.” Air travel complications are likely to expand once a regularly scheduled payday arrives next week and air traffic controllers and TSA officers don’t receive any money, the union leader said. If the impasse between Republican and Democratic lawmakers on reopening the government persists, the workers will come under more pressure as their personal bills come due, Daniels said. “It’s completely unfair that an air traffic controller is the one that holds the burden of ‘see how long you can hang in there in order to allow this political process to play out,’” he said. Johnny Jones, secretary-treasurer of the American Federation of Government Employees chapter that represents TSA workers, said he was hearing concerns from members about how they will be able to pay bills, including child support and mortgage payments, and if they’re at risk for termination if they have to miss work during the shutdown. “The employees are struggling. They’re assessing what they need to do and they’re assessing how this is all going to work out,” said Jones, who has worked as a screener since the TSA was established. Some TSA officers already have called in sick, but Jones said he did not think the numbers were big enough to cause significant problems and delays at airports. Aviation unions and U.S. airlines have called for the shutdown to end as soon as possible. The unions are also making appeals to food banks, grocery chains and airports to secure support for workers during the shutdown. Hartsfield-Jackson Atlanta International Airport was offering federal workers $15 food vouchers and allowing them to park in the terminal, according to Jones. John Tiliacos, the chief operating officer of Florida’s Tampa International Airport, said the facility started preparing for the shutdown well before it began. Nicknamed “Operation Bald Eagle 2” among airport staff, the efforts center around pulling together resources for the roughly 1,100 federal employees who are working at the airport without pay, including security screeners and air traffic controllers. Tiliacos said the help would include a food pantry, free bus rides to work and a program with the local utility provider to keep the lights on at the homes of the workers. “Whatever we can do to make life a little easier for these federal employees that allows them to continue coming to work and focus on keeping our airport operational, that’s what we’re prepared to do,” he said. ___ This story was first published on Oct. 7, 2025. It was updated on Oct. 8, 2025 to correct the number of federal employees at Tampa International Airport. It is 1,100, not 11,000.The post Staffing shortages cause more US flight delays as government shutdown reaches 7th day first appeared on Federal News Network.

The Cybersecurity and Infrastructure Security Agency is working to expand the reach of its cybersecurity services geared toward operational technology systems, as CISA and other agencies warn of the increasing cyberthreat to U.S. critical infrastructure. CISA offers a range of free cybersecurity services to partners across the public and private sector. Matthew Rogers, OT cyber lead at CISA, said more than 10,000 critical infrastructure organizations have signed up to use the agency’s free vulnerability scanning services. And the agency is “at the limit of our current capacity” for risk assessments that it offers to outside organizations. But Rogers, who is focused on helping organizations secure the operational technology that runs most critical infrastructure, said CISA wants to expand to more organizations. “We’re actively in the process of improving the services so that they can scale to more people,” Rogers said during Federal News Network’s Cyber Leaders Exchange 2025. “It might be a lower fidelity version than sending a bunch of OT experts to your door in person but seeing where we can actually improve and scale those offerings to give everybody a little bit more of a bit of a security insight into their operational technology network.” Rogers said CISA typically prioritizes “systemically important entities,” or a subset of critical infrastructure that are particularly important to national security, the economy, and public health and safety. “But we still have to help everybody else, because if that critical infrastructure goes down, it’s still a bad day for a lot of people,” Rogers said. “We’re working to scale our services that we can get broader uptake amongst those smaller groups.” Cyber-resilience keys The planned expansion comes as CISA works to spread awareness about a growing array of cyberthreats to critical infrastructure networks. Rogers highlighted both lower level threat groups targeting insecure devices in critical infrastructure networks, as well as sophisticated nation-state groups like the China-linked Volt Typhoon. CISA and other agencies have warned that Volt Typhoon is targeting power, water and other U.S. critical infrastructure systems for potential disruption during a future conflict. “That’s why a lot of the CISA efforts are focused on, how do we uplift the resiliency of existing infrastructure such that even if there is a successful attack, the impact of it is lower?” Rogers said. CISA works closely with the Idaho National Laboratory to help develop those resiliency techniques. INL has pioneered approaches to cyber-informed engineering, which is aimed at integrating cybersecurity practices into critical infrastructure engineering. “Entities are still chasing vulnerabilities and responding to threats, and they’re not really starting with the main piece, which is consequence,” Ollie Gagnon, INL’s chief homeland security advisor, said during the Cyber Leaders Exchange event. The lab’s Resilience Optimization Center can conduct full-scale testing to replicate cyberattacks on electric grids, water utilities, wireless systems and other critical systems. And INL also conducts assessments across different states and sectors to gauge cyber readiness. While a deficit of cybersecurity talent is a challenge, Gagnon said INL’s risk assessments have revealed a more pressing challenge. “The biggest finding we found is not on the tech side — it’s that managers don’t understand cyber risk,” Gagnon said. “So when you have people that are sitting in procurement, human resources, operations, if they’re not understanding cyber risk, they’re making decisions that impact cyber risk.” Amid those management challenges, a major blind spot for many organizations is determining who is responsible for securing operational technology, Rogers said. “Whose responsibility is what, between the edge of the IT network to the DMZ to the networking devices and OT, versus the actual engineering components,” Rogers said. “It varies significantly by organization.” Promoting secure by design approach across government Rogers said part of the solution is making devices more secure from the start. Since 2021, CISA has been pushing major technology vendors to adopt secure by design principles. “What we’re really pushing for from the CISA side is, how do we put more responsibility on the manufacturers, on the integrators, to deploy these things in such a way that, yes, it fits within the operator workflow? Yes, it meets all of these 24/7 operational demands, but it’s also secure,” Rogers said. “Some of that just comes from, how do we encourage people at the manufacturer level to include their cybersecurity teams with their actual product development teams?” Meanwhile, as organizations adopt newer technologies like artificial intelligence and machine learning, Gagnon said resilience must be part of the adoption equation. But cyber resilience approaches will need to be tailored across 16 critical infrastructure sectors and 54 subsectors, he added. “They all have unique needs, so it’s got to be something that’s scalable and applicable as an overall approach,” he said. Discover more articles and videos now on our Cyber Leaders Exchange 2025 event page.The post Cyber Leaders Exchange 2025: CISA’s Matthew Rogers, INL’s Ollie Gagnon on driving cyber resilience in critical infrastructure first appeared on Federal News Network.

The concept of DevSecOps has been around long enough that it’s now firmly established in most federal agencies as one of the key underpinnings of producing secure software, and even small agencies increasingly have their own DevSecOps pipelines in place to meet that goal. But getting the results they need takes more than just having that pipeline. It also takes planning — including a lot of “shifting left” of the processes that agencies have used in the past. At the Export–Import Bank, for example, it means treating security as a baseline development requirement from the very beginning, along with the infrastructure that’ll be needed to support the system. “You can’t build a great application and have it sit on top of infrastructure that has issues. So from a shift left perspective, we make sure we’ve got all our requirements at project initiation,” Darren Death, chief information security officer for the Export-Import Bank, said during Federal News Network’s Cyber Leaders Exchange 2025. “Historically, security requirements were always those things that are the negotiables, like they’re not required. Well, they are required. They should be treated like functional requirements. And that’s one of the cultural things that we do here at ExIm: We treat them as functional requirements. And the reality is when you’re doing them during design, you can design the functional requirements and security requirements together, and then a lot of those issues — of fear, uncertainty, of doubt — they may go away because you’re building them together. You’ve got a high performing system that’s also secure.” Addressing supply chain risk That same mindset has taken hold at the Bureau of Safety and Environmental Enforcement, the small Interior Department component that oversees the offshore oil and gas industry. Madhuri Sammidi, BSEE’s deputy associate chief information officer, said the agency has moved to a model that incorporates security by design. “Security starts really early, even before we start implementing a system,” she said. “It really starts at the planning phase, and the planning phase could be procuring something, which includes software supply chain risk. That is a huge risk that we all are facing, and some of the incidents that we all have seen are caused by the supply chain risk. And we have to think ahead. The security personnel — the security operations team and the cybersecurity assessment team — should be included in all these conversations, as applicable, wherever they can be so that we are not bolting the security on later, we are thinking about the security in every single phase of the software development life cycle, starting from the planning.” And mitigating that supply chain risk also requires early conversations with vendors, Sammidi said. “It has to start with publishing their inventory before we even start acquiring their software,” she said. “We as a government heavily rely on external vendors and their software and integrators. So it is very important to have all these expectations and engage with the vendors right from the beginning on these aspects of the cybersecurity and incorporating security in every single phase of the life cycle of the software system, as well as having them come on to the same page as you with your DevSecOps model. How their software bill of materials can be integrated and consumed into your continuous integration, continuous delivery pipelines is very important, and something we can all take advantage of.” Incorporating security in acquisition And particularly in the case of small agencies, the personnel conducting the development work may be, by and large, contract employees themselves. That means all the considerations that go into the DevSecOps planning process also need to be brought into the contracting process too, Death said. “If you don’t do your contract right, you get a thing, not a secure thing,” he said. “We’re about to go into 2026, and you’d think we’d just be getting secure things by default. But you don’t, which highlights the importance of a responsible manager to take the time to build out those security requirements. You can’t assume. And at the end of the day, what you ask for is what you’re paying for. You need to have that integration with your procurement team so that the appropriate person — the CIO, the CISO or someone else — is reviewing that contract to make sure that these things have been accounted for and that you’re trying to get a secure thing.” Taking AI ‘baby steps’ Meanwhile, agencies are also thinking through how new artificial intelligence–assisted approaches to secure code development could help with the task of incorporating secure design principles early in the process. Sammidi said BSEE is still taking “baby steps” toward using AI as an enabler on the software security front, but that there are promising signs. “Right now, there are so many manual processes in things like code repository evaluations and scanning and vulnerability reporting, and the dashboards we see aren’t always live data,” she said. “AI could be an answer to some of these challenges that we all are facing right now because false alarms and false positives are creating sort of a fatigue in the security community. AI could be a great aid in reducing some of that fatigue. AI still needs human intervention because there are some challenges within terms of things like data quality reporting, but it could be a great enabler, and we have to start small and go with that until we automate things using completely AI-driven cybersecurity.” At the ExIm bank, officials are already in the early stages of using AI tools for code analysis, Death said. “When we’re doing our code reviews as part of the CI/CD pipeline, when software is discovered that we suspect could be vulnerable, the tools will actually suggest software code changes,” he said. “You’re still responsible for your results and the software developer ultimately has to have the skills to determine whether or not those updates and changes are actually valid, but the tools are able to accelerate the time. It used to be that when you would run a security scan, it wasn’t the developers doing that. That’s another key thing we do here: We make sure that developers are running the scan. We [in the security community] control the configuration, we understand how it’s configured, but then we give them the ability to run it. Because there’s nothing special about me pushing the start button versus them. They can push it, but then they get the results of the scan, and then the tool is able to actually give them that information.” Discover more articles and videos now on our Cyber Leaders Exchange 2025 event page.The post Cyber Leaders Exchange 2025: ExIm Bank’s Darren Death, Interior’s Madhuri Sammidi on ‘shifting left’ in quest for secure-by-design software first appeared on Federal News Network.

An awful lot of agencies are seeing demands to upskill their workforces with artificial intelligence skills. The Marine Corps now has a very specific way to do that. In a new partnership with the Naval Postgraduate School, the Marines have just launched a new fellowship program that aims to build on the service’s AI strategy, aiming to accelerate AI research and build AI talent in the Marine Corps. Navy AI fellowship builds on Air Force model Fashioned as a pilot program for at least the first year, the fellowship was born out of a similar initiative the Air Force and the Massachusetts Institute of Technology created several years ago called the “Phantom Program.” Two slots were allocated to Marines last year, and the service’s leadership wanted to find ways to get more of their service members involved, said Christopher Paul, the U.S. Marine Corps chair for information at the Naval Postgraduate School. “It’s a commitment for the Marine to dedicate their full-time primary effort to the fellowship for five months,” he said during Federal News Network’s Cyber Leaders Exchange 2025. “It includes a colonel-level endorsement letter saying that, ‘Yes, I’m willing to let my Marine do that for five months.’ But it also includes a command-approved use case. There’s some problem at that command, some challenge that — at least on its face — appears amenable to a solution or improvement with data and perhaps with AI or machine learning that the command endorses. So yes, it’s a chance for us to take some Marines and do a little bit of upskilling. But there’s also this problem focus, so that by the end of the five months, they’ve got, hopefully, at least a prototype solution to take back to their command and change how they do business, or improve decision-making or make processes more efficient.” 4 use cases, 5 NPS AI fellows The first pilot fellowship involves five Marines working on four separate use cases, ranging from analyzing imagery to prepare for amphibious landings to streamlining the process of preparing for maintenance activities. Their ranks run the gamut from captain to corporal, plus one Marine Corps civilian. The fellowship dovetails with NPS’ recently launched AI task force, which is thinking more broadly about the topic of AI education in the military services. Paul said educators there have started to think of the need for AI aptitude in three different “bins,” depending on a service member’s role. Some will need enough understanding of the technology to know how and when it can be used, some will need enough expertise to actually train and modify AI models, and some will need only a passing familiarity with the terminology. “We’re thinking that this fellowship is aimed toward folks who are either in or on their way toward that middle bin, that one of actual AI expertise,” Paul said. “They’re going to come here, they’re going to solve a problem, but in learning that, they’re going to learn about how to solve other problems, and they’re going to see as they survey existing courses, ‘OK, I don’t need to take that course online. I do need to take this course online.’ … And sometimes, when you’re working on a real problem, the experience is different than what’s in the textbook or what’s in the online video.” The fellowship will last for five months, but the first group of fellows will only spend about three weeks in residence at the NPS campus in Monterey, California. Most of their time will be spent working on their specific use cases, punctuated by a midpoint progress report back at NPS and a final presentation at the end of the fellowship. What success for NPS’ AI fellowship might look like Meanwhile, NPS and the Marine Corps are preparing for a second cycle of fellows to begin next year, and Paul said officials are discussing the possibility of expanding the program to include Navy service members as well. “If this is modestly successful — if at least one of these four projects is solidly successful — then that is a proof of concept that demonstrates that, hey, with a relatively modest contribution of manpower, a real problem can really be at least partially solved, so that means we should do more of this … and maybe we can connect this more formally with the Marine Corps digital transformation teams,” he said. “It might also lead to some kind of more enduring structure. The Air Force has their AI accelerator at MIT. The Army has an AI accelerator at Carnegie Mellon. Perhaps the naval services need an AI accelerator. Perhaps that could be here at NPS, and some success from this fellowship could recommend NPS as a good home for that.” But bigger successes, Paul said, could lead to bigger ambitions. “If several of these projects are outstanding successes and make real impacts within the communities at the commands that they’re advocating for, then hopefully that would create even more of a demand signal for something like this,” he said. “Maybe then NPS is getting involved in preparing mentorship and training packages for digital transformation teams. Because with a little bit of faculty advice and a lot of independent learning, any smart Marine can learn to do these things. And so maybe there’s some kind of mobile training team that we send to get some of these digital transformation teams kicked off and get some of those Marines on the right path toward self-improvement and independent learning. Maybe we want to scale it more, but we want to devote more serious resources to making this a bigger program. I’m hoping for at least modest success, and I’m optimistic about that, and I have a sense for what that should look like and hopefully what that’ll lead to.” Discover more articles and videos now on our Cyber Leaders Exchange 2025 event page.The post Cyber Leaders Exchange 2025: Naval Postgraduate School’s Christopher Paul on value of problem-solving in new AI fellowship first appeared on Federal News Network.

The new leader of the Cybersecurity and Infrastructure Security Agency’s Cyber Directorate is looking to build on CISA’s past successes, while focusing on the agency’s core responsibilities — despite a smaller staff and budget. Nick Andersen became CISA’s executive assistant director for cybersecurity September 2025. In a wide-ranging interview with Federal News Network, Andersen said his focus is on “the core operational norms of what CISA is supposed to be delivering” amid a wave of staffing departures at the cyber agency. The Trump administration has also proposed cutting CISA’s annual budget by nearly $500 million. “We’re supposed to protect the dot-gov and work with federal civilian executive branch agencies,” Andersen said during Federal News Network’s Cyber Leaders Exchange 2025. “We’re supposed to be the national coordinator for critical infrastructure security and resilience.” Thwarting major cyber adversaries An animating focus for Andersen is western intelligence assessments that the Chinese military will be ready for a full-scale military invasion of Taiwan by 2027. Such an invasion would be expected to feature cyberattacks against critical infrastructure. “That’s really where I want to laser focus the staff. What are we doing to defend this nation’s greatest assets? We have an economy, we have national security, we have a public health system that is incredibly reliant on technology and the associated infrastructure,” Andersen said. “And if we want to do right by our fellow citizens, by our neighbors, by our friends and family, it really requires us to show up and give our best every single day. And that, if I’m just hyper summarizing it to one point, is what are we doing to deter the threat of China 2027.” CISA’s role as the “nation’s cyber defense agency” includes working with original equipment manufacturers “to make sure that we’re helping them to identify opportunities to develop and build equipment that is secure from the start — secure by design,” he said. “At a broad brush stroke, just sort of refocusing ourselves on, why is it that we exist, and what is it that we’re supposed to be doing? Now, let’s take all the things that are good ideas and let’s set those to the side until we’ve really demonstrated some mastery over our core competencies.” CISA support to federal agencies Andersen said he wants to continue to grow the cybersecurity services that CISA provides to other federal agencies, as well as state and local governments. The Continuous Diagnostic and Mitigation program is a prime example. CDM provides agencies with cybersecurity tools, integration services and dashboards. “The first tranche of CDM was just trying to provide the opportunity for agencies and departments to be able to procure a certain suite of services and solutions that were going to make them more secure and collectively raise the bar,” Andersen said. “Now, we need to get to the point where we’re operating in a little bit more of a common manner.” When a cyber incident hits an agency, Andersen wants federal cyber operators to fall in on a “common stack” of cyber technologies. “If this department is using tool X and this one’s using tool Y though, that’s going to be a little bit more of a steep learning curve,” he said. “CDM, just like all these other programs that we’re looking at right now, is at a growth and evolution point. How do we continue the successes that have already been delivered, but how do we build on them for the next set of priorities?” Andersen also identified CISA’s threat hunt and incident response teams as an area he wants to “continue to grow and mature.” He further pointed to CISA’s capacity building program, which works on the agency’s binding operational directives, as well as the technology director’s office, which focuses on forward-looking issues like artificial intelligence and post-quantum cryptography. “How do we enable the federal enterprise to do things more smartly? And that’s where our CDM program lies,” Andersen said. “We’ve got a huge breadth of capabilities there across the board.” Critical infrastructure partnerships CISA’s work with the broader cybersecurity community and critical infrastructure is also a priority for Andersen. The Joint Cyber Defense Collaborative, established in 2021, is a conduit for those partnerships. Andersen cited the JCDC-sponsored Project Chainbreaker initiative, which focuses on defending critical infrastructure from China-based cyberthreats. That work is informed by campaigns like the Salt Typhoon intrusions into U.S. telecommunications infrastructure and the Volt Typhoon targeting of power, water and other critical services. The cybersecurity community uses the Typhoon naming convention to describe hacking groups aligned with the People’s Republic of China. The Chainbreaker project is “bringing together a core community to say defensively, ‘How would we respond to several different scenarios regarding them as a threat actor, those longer term or strategic engagements, using Salt Typhoon and Volt Typhoon as illustrative examples of the type of activity we’re going to see?’ ” Andersen said. CISA’s Joint Cyber Environment is also an emphasis for Andersen, who wants to deepen partnerships through a “common operating environment” for cyber defenders across the public and private sectors. Ultimately, Andersen wants to get CISA’s broader community of stakeholders — state and local governments, critical infrastructure and international partners — focused on preparing for the long-term cyberthreat of China, rather than individual events and campaigns. “These are persistent threat actors with persistent campaigns that are going to continue to target our nation’s infrastructure, whether it’s commercial, critical infrastructure or government infrastructure,” Andersen said. “That’s really the focus for us: Making sure that we are resilient over the long term, rather than trying to focus on an individual point in time.” Discover more articles and videos now on our Cyber Leaders Exchange 2025 event page.The post Cyber Leaders Exchange 2025: CISA’s Nick Andersen on shaping cyber directorate’s core competencies first appeared on Federal News Network.

  Interview transcript:   Terry Gerton Well, 2026 is going to be a big year for the United States. It’s our 250th national birthday. But at the same time, we’re hosting the FIFA World Cup — and some people might think that’s more important. What makes all of that integration of those events so challenging from your perspective? Carl Ghattas Well, Terry, as you know, 2026 is actually the start of the U.S. hosting a number of what are called “mega events.” And you alluded to two of them a second ago — the World Cup, and then followed by America’s 250th birthday. And then after that, the Olympic Games, the Paralympic Games, the Rugby World Cup and so on and so forth. So, in the next few years, the U.S. will be on center stage in front of the entire world, hosting all of these events. And these events are going to draw, obviously, fans from across the globe who want to attend and cheer on their teams, who want attend and  cheer on their particular athletes that they root for, and who want come to the United States and enjoy the sporting events, enjoy what the United State has to offer and engage in fan-related activities. And so all of that is great for the United States from an economic perspective and reputational perspective. But as you noted, it raises a number of challenges for the United states, not the least of which are challenges that U.S. law enforcement are going to have to face: law enforcement at the local level, at the state level, and certainly at the federal level. And all of these law enforcement agencies are going to be charged with protecting and securing these events and making sure that fans are secure and safe, making sure that the players and athletes and their families are safe, and making sure they are ahead of any types of threats that may come about that may imperil the games or individual athletes or teams. So we see great opportunity in terms of these events, but there’s also great risk. And law enforcement and homeland security are involved in identifying these risks and mitigating these risks. The challenges are you’ve got, as I noted, you’ve got law enforcement departments at the local level, at the state level, and the federal level all collecting threat information, potentially, about these events and all attempting to identify ways to secure these games. So that threat intelligence is going to be coming from each of the law enforcement departments at the state, local, and federal level. It could be coming from international law enforcement and intelligence partners, could be coming from attendees or participants in the events. So all of that has to be synthesized in an effort to protect the games and mitigate the threats that might come from external sources. Terry Gerton Well, the threat environment has changed quite a bit since the last time we did any of these big events, maybe except for the Super Bowl. What are the big threats now and what are the biggest challenges to that integration of detection and response? Carl Ghattas So the threats come from a variety of different angles, if you will. The threats can come from average criminals who are going to potentially target individual participants, everything from petty theft to batteries to assaults, those types of criminal acts. Threats could come in the form of cyberattacks. Malicious groups, either domestically or internationally, may be looking to disrupt the games, the events. And they may rely upon various cyber-related tactics to disrupt communication grids, transportation grids, whatever the case may be, and disrupt the flow of the games for their own malicious intent. Threats may also come from domestic terrorists or international terrorists. Those who are trying to make a statement or create chaos, with respect to the events, may be planning malicious events that could cause harm, as I said earlier, to the participants, the players, the venues themselves. And so the threats come from a variety of different vectors. And the challenge becomes, how do you collect all of that information? From where do you collect it? How do you collected it lawfully? And then how do you get that information to the officers and agents on the street so that they can act upon the information, disrupt the malicious actors, and prevent those attacks from happening — or if it’s too late and the attacks have happened, how do you arm them with the data and the information they need to identify the perpetrators? This process actually starts well in advance of the events. So there is a great deal of planning and preparation going on by the U.S. government for all of these events that we talked about. State, local, and federal law enforcement are, as we speak, looking at how to prepare for these events and preventing some of these malicious acts from occurring. And they’re collecting data, some of the data that I’ve talked about, to try to identify gaps and mitigate those gaps to prevent those threats from occurring. And so the integration of all of that information is absolutely critical to their success. Terry Gerton I’m speaking with Carl Ghattas, he’s senior VP of law enforcement and homeland security at Booz Allen. You mentioned integration of all of that information and an integrated response, but these agencies often operate on disconnected networks. How do you create a common operating picture for all of the different levels of response and different agency responses so that there is kind of a unified picture? Carl Ghattas That’s an excellent question. And you have state, local and federal law enforcement that operate on different systems. And so the technology exists to be able to put all of those players, all of those officers and agents on the same network, if you will, so that they can communicate with one another. Communicating with one other is absolutely critical. So they have to have the ability, and the technology exists, to allow these officers and agents to communicate with another in audio format, to transmit pictures across this network, to ingest data from CCTV coverage, which is ubiquitous in the United States, to ingest data from satellite imagery, to ingest data from drones that are flying overhead above some of these venues and some of fan sites that we’re going to see with these events, and to take all of that information and present it to the officers and agents on the street so they have that common operating picture. And just as importantly, the technology exists to provide that common operating picture to the command posts that will be stood up in each of these host city venues for the World Cup. So the World Cup is going to be held in 11 different cities across the United States. And each of those host cities is going to need that common operating picture that includes data that is ingested from all of those sources, so that those people sitting in the command post can have a common operating picture and a view of what’s going on on the streets. So they’ll be able to see where the officers are positioned. They’ll be to see where barricades are in your stadiums. They’ll able to where traffic is flowing around some of these venue sites. They’ll be able to see the pedestrian flow around some these venue sites. They’ll even be able to see pictures of potential weather events that might impact these venues and these events. So, as a former FBI agent who has spent a lot of time sitting in command posts during the course of my decades in law enforcement, I always wanted and I always needed to have that common operating picture. I needed to be able to look up at a screen or set of screens and see where all my people were, see where the venues were that we were protecting, identify potential malicious actors and redirect my resources towards those malicious actors. I spent most of my time in Washington, D.C. as a law enforcement officer, and we were always involved in national special security events, or NSSEs, like inaugurations, like Fourth of July celebrations, things of that nature. We in the Bureau, along with the other interagency members, were charged with protecting the public and securing these venues. And so it was exceptionally valuable to have the technology that would show me, as the head of a command post, where all those threats were coming from and where they were going to potentially be impacting people who were fans, people who are parts of the team and so forth, so that we could redirect our resources and interdict those threats before they materialize. Terry Gerton I noticed in that, in your last response, you kept saying the technology exists, but not that the technology has been deployed. And so I’m curious, with less than a year to go, what really needs to happen to make sure that the folks who are on the ground, who are planning, who are going to be in those operations centers have the tools and the technology that they need to help make this as seamless as they possibly can? Carl Ghattas Terry, that’s another great question. The technology, in fact, has been deployed. We have deployed similar technology that I’m talking about in a variety of mega events that have already occurred. For example, like the last Fourth of July celebration in 2025 in Washington, D.C., like the last presidential inauguration in D. C. in 2025, and like the Super Bowl in 2023. So the technology that I’m talking about has been employed in its components in those mega events — those events that draw huge crowds and also huge amounts of risk. And so the technology to interconnect officers and agents on the street and help them communicate with one another has been deployed successfully in those three examples. And the technology to allow them not just to communicate with one other but to have access to critical data that allows them to understand where the threats are coming from and move resources to interdict those threats and prevent those malicious actors from being successful in what they’re trying to accomplish. The technology has also been deployed that ingests data from a variety of sources that are available in that particular city or in that particular venue. So the technology that was deployed was able to take in satellite imagery or imagery from CCTV and provide that to the law enforcement leaders or the military leaders so that they could see that one common operating picture to give them an overall understanding of what is going on with the venues on the streets that they’re charged with protecting. So that’s tried-and-true technology and it has been successfully deployed and successfully used by law enforcement officers on the street.The post The World Cup and America’s 250th are colliding into one massive public safety test first appeared on Federal News Network.