HUD will use second $5M transfer to move IT modernization initiative to production

By Jason Miller

May 13, 2019

The Technology Modernization Fund still has more than $35 million to “loan” to agencies, and the board is inching closer to making a third round of awards.

Maria Roat, the Small Business Administration’s chief information officer and member of the board, said about 12 projects are in the draft phase where the agencies are working the program management office to finalize their proposals.

“Several others also have come in for phase two where they are pitching their proposals to the board,” she said after the CFO-CIO Summit sponsored by the Association of Government Accountants and the Association for Federal Information Resources Management (AFFIRM).

Roat said during the panel discussion that the board received 50 proposals worth more than $500 million over the last year plus, reviewed 37 and funded seven so far.

        Insight by HID Global: State technology leaders from New York, Texas and NASCIO come together to address IAM's newfound popularity in this free webinar.

She said the board receives agency project details on Fridays and meets on Mondays to deliberate.

One of those projects that received funding was the mainframe modernization effort at the Department of Housing and Urban Development.

HUD’s loan now at $10 million

HUD deputy CIO Kevin Cooke said the agency received it second tranche of funding from the board in the last few weeks, another $5 million to go with the same amount it received last fall.

“All of the architecture work is done. We’ve built a prototype or pilot already to make sure there was no issues with the hundreds of thousands of lines of code to make sure it would work seamlessly. That was a big part of the proof of concept,” Cooke said in an interview after the panel. “The money will allow that jump into the actual projects, not just the proof of concept.”

Cooke said the first $5 million of the $20 million loan went toward making sure the mainframe modernization plan was sound.

“In order to get this done, there is some reverse engineering of the applications that are there to make sure as we change the platform the programs do not lose any functionality,” he said. “That was a big agreement that we had with them that during this period of time they would be up and running the whole time with their current systems, and this replatform would not cause them to lose any functionality. From that standpoint, it’s a good process, but it’s a slow process. It’s not like we are starting from scratch and you get to decide all the new interfaces and all the new APIs and ways of doing this. We are working closely with them. This allows us to continue on our trajectory on the project.”

        Say thanks by sending a free eCard through our May We Say Thank You campaign during Public Service Recognition Week.

HUD is modernizing seven different mainframe systems all of different sizes. He expects the agency to complete about 20 percent of the project by the end of 2019.

“You get smarter as you go along so it gets faster as you go,” he said.

And HUD needs to get smarter and faster because that loan is coming due. HUD has to start paying back the money to the TMF in mid-2020.

Energy project delays are over

Energy won $15 million in June to accelerate its move to email in the cloud and received $2.2 million so far.

Bryan Long, Energy’s deputy CIO, said the project is a little behind schedule because of a protest of its CIO Business Operations Support Services (CBOSS) contract, which it plans to use to move some 65 disparate email systems from laboratories and offices to the cloud.

CBOSS is a $2 billion single award blanket purchase agreement for a host of IT services. The Government Accountability Office rejected ActioNet’s protest and backed Energy’s decision to award the contract to Accenture Federal Services.

Accenture’s team includes Unisys, General Dynamics Information Technology (GDIT) and Red River.

“We are behind where we had hoped to be at this point, but we do have the project awarded now under our new IT project and it will be moving out,” he said. “There is no doubt this certainly will accelerate our shift to cloud email for the remaining on-premise email systems.”

While Roat declined to name which agencies are in the final stages, it’s clear agencies are interested in the TMF loans.

Officials from two of the current awardees, HUD and the Energy, said they have other projects proposals they want to send or resend to the board.

Cooke said the agency submitted three total proposals to the board last year and may send one of those back for a second review.

“One of ones we looked at was looking at our enterprise data management. There were so many different programs involved in that and one of the things we didn’t do is show the direct impact, not just more efficiencies, but it will be easier. When we talk about the ease around data analytics, business intelligence and reporting, those were outcomes that meant something to the department, but I didn’t think we did a good enough job of showing to the outside how much better that would be in terms of being able to look at our data more holistically across all of the 19 different programs that we had.”

Cooke said the project also would’ve taken too long to show a return on investment.

Long said Energy submitted four proposals to the board last year, including the idea to move to a desktop-as-a-service and an application rationalization effort. He said Energy has learned valuable lessons from its experience with the board.

“As you are looking at projects, you need to factor in what are the savings, where are they coming from and how quick are you going to accumulate them, and what’s that overall return on investment look like,” he said. “Will it take you five years or 10 years to recoup that money that you used to do the project. Those are some of the key things you have to evaluate.”

Audit of TMF project underway

While Cooke and Long both praised the benefits of the TMF because the loan is helping each agency move more quickly on their respective projects, both said they expect more oversight and attention to their programs.

Cooke said HUD’s inspector general recently began an audit of the project.

“You want to make sure you have enough people and the right people to support these projects. It’s very high profile. There are a lot of external eyes on it, and we chose it be because of how important it is to the agency so everybody has got to be focused on it,” Cooke said. “That’s something we would have to consider when we look at what we have in front us right now that we are doing, what spare capacity would we have” for an additional TMF funded project?

One of the most talked about and highest profile pieces to the TMF is how agencies will pay back the loan.

Long said Energy runs a fee-for-service model for its enterprise cloud email so that’s the way it will pay back the loan.

Cooke said HUD expects the costs of moving off the mainframe and into a modern architecture will pay for itself quickly.

Copyright © 2019 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.

To view the original article click here.

First QSMOs are ‘proof points’ for new shared services model

By Dave Nyczepir

May 7, 2019

Moving agencies to integrated systems in accordance with the Office of Management and Budget’s new shared services policy won’t be easy, but the methodology is already being refined.

OMB released a memo on April 26 designating four initial agencies as hosts of quality service management offices, or QSMOs, charged with leading governmentwide adoption of common technology solutions.

Bigger, back-office lines of business like financial services and grants management were targeted first to best develop a replicable process for creating marketplaces, Margie Graves, U.S. deputy chief information officer, told FedScoop after speaking at the CFO/CIO Summit 2019.

“That’s why when you’re launching these — and I would call them proof points — it sort of lights the way because the flywheel moves faster after you get past those first few,” Graves said.

On the financial management side, the Department of Treasury and Department of Health and Human Services are the QSMOs for finance and federal grants, respectively. DOT “is a little better off” because it’s been experimenting with shared services for the past five years, said Tim Soltis, U.S. deputy controller, during the panel discussion.

Despite the progress, the finance side “is still going to be a challenge because you’ve got 24 agencies plus … around 40 systems, 19 other contracts that are maintaining the infrastructure of agency financial systems,” Soltis said. “Grants? Multiply that by 10; I mean that is going to be a major hassle to try and figure out just what the landscape is and where the lines are.”

OMB has been meeting with larger departments to figure out immediate needs and plan intermediate courses of action because, unlike with the last shared services policy memo in 2009, agencies won’t be kept waiting until a solution is ready perhaps a decade later, Soltis said.

“Everyone’s eyes glaze over when we talk about architecture,” Graves said. “But if we don’t do these plug-and-play, modular, Lego approaches to how we build these things and put them together, then we will always be in a situation where we will have to do the next hard thing.”

Gone are the days of agencies building their own, highly customized solutions that “no one else can use because it loses its license,” Soltis said.

Vendors of duplicative electronic invoicing, travel, payroll, and acquisition systems may “need to go out of business” because those systems are “built to not be interchangeable,” he added.

OMB isn’t done identifying new lines of business, and QSMOs for assisted acquisition, contract writing systems, customer experience, FOIA, travel, and real property management are forthcoming, according to the official website.

The biggest difference with the new shared services policy is governance and end state, Soltis said.

“Because the lines of business never had an end state,” he said. “It was only ever going to get to standardization.”

Click here for the original article.

AFFIRM’s ANNUAL LEADERSHIP AWARDS RECOGNIZE EXEMPLARY PERFORMANCE IN THE GOVERNMENT COMMUNITY

AFFIRM Contact:

Peg Hosky, AFFIRM Communications Committee

202-237-0300

peg@hosky.com

www.affirm.org

Washington, DC, May 1, 2019 — The Association for Federal Information Resources Management announced the government and industry leaders selected to receive the  AFFIRM Leadership Awards.  Coinciding with the 40th anniversary of this government / industry non-profit focused on improving technology’s impact on citizen’s lives, the awards celebrate the achievements of America’s best.

The AFFIRM Leadership Awards are among the most prestigious of the Federal community, honoring individuals and teams for their outstanding leadership over the preceding year. First awarded in 1979, award honorees join a prestigious list of agency executives and managers.

The AFFIRM Leadership Awardees will be recognized and honored on Thursday,
May 23, 2019 at the AFFIRM Annual Leadership Celebration, an evening reception from 6:00 pm to 9:00 pm, at the St. Regis Washington, DC. 

Award winners include:

Executive Leadership in Information Technology (Civilian)

  • Steve Rice, Deputy Chief Information Officer, U.S. Department of Homeland Security

Executive Leadership in Information Technology (DOD and Intelligence)

  • Ian Fowlie, Chief, CIO Digital Journey Office, Defense Intelligence Agency

Executive Leadership Award for Industry - Large Business

  • David Young, Senior Vice President, Strategic Government, CenturyLink

Executive Leadership Award for Industry - Small Business

  • Don Tiaga, President, FedBiz IT Solutions, LLC

Congressional Leadership Award

  • Congressman Will Hurd, (TX-23), U.S. Congress

Leadership Award in Acquisition and Procurement

  • Ken Rogers, Deputy CIO, Department of State

Leadership Award for Service to the Citizen and the Country

  • J.S. Shellenberger, Deputy Assistant Secretary, U.S. Department of Labor, Veterans' Employment and Training Service

Posthumous Leadership Award for Service to the Citizen and the Country

  • Chief Steven Elliott, Chief of Police, Miami Veterans Affairs Healthcare System

Leadership Award in Health Information Technology

  • Jose Arietta, Associate Deputy Assistant Secretary, U.S. Department of Health and Human Services

 Leadership in Technology Innovation

  • Edward Burrows, Robotics Process Automation Program Manager, U.S. General Services Administration

Leadership in Cyber Security

  • Bobby Miller, Sr. Director, Office of Cyber Monitoring & Operations, U.S. Department of State

Leadership in Cloud Computing

  • Damon Bragg, HSIN Service Operations Manager, U.S. Department of Homeland Security

 Leadership in Mobile Computing Technology

  • Joshua Kossoy, Director, Information Technology Infrastructure Operations Department, Pension Benefit Guaranty Corporation

Leadership in Big Data and Data Analysis

  • Mark E. Krzysko, Acquisition Data Executive, U.S. Department of Defense

Leadership in Artificial Intelligence and Machine Learning

  • Justin Legary, Branch Chief, U.S. Citizenship Immigration Services

Leadership in IT Modernization

  • Gundeep Ahluwalia, Chief Information Officer, U.S. Department of Labor

Special Leadership Recognition - Science, Innovation and New Technology

  • Dr. Pamela McCauley, Program Director, National Science Foundation

Emerging Leader Award

  • Kristin Solomon-Fish, Manager, IT Performance and Achievement, United States Postal Service

Leadership in Change - #changeagent

  • Alden J. Fry, Division Chief, Spartan Program Management Division, Bureau of Alcohol, Tobacco, Firearms and Explosives

President's Award

  • Confidential until AFFIRM Leadership Awards Celebration on May 23, 2019


To attend the AFFIRM Leadership Awards Celebration visit www.affirm.org


The Association for Federal Information Resources Management (AFFIRM) is a non-profit, volunteer, educational organization whose overall purpose is to improve the management of information, and related systems and resources, within the Federal government. Founded in 1979, and based in the Washington, DC area, AFFIRM's members include information resource management professionals from the Federal, academic, and industry sectors. 

www.affirm.org

@affirmtweets

How the Energy Department Tackles Cyberthreats

By Phil Goldstein, Editor, FedTech and StateTech

April 11, 2019

The energy and utilities industries remain ripe targets for cyberattacks, particularly the industrial control systems within power plants and other energy facilities. Indeed, in March 2018, the Department of Homeland Security reported that it, along with the FBI, had determined that “Russian government cyber actors” had launched “a multi-stage intrusion campaign” that targeted the networks of small commercial facilities in the energy and other critical infrastructure sectors.

While the Department of Energy’s Sandia National Laboratories are working on next-generation cybersecurity systems to fool hackers, the agency is not taking its eye off the ball when it comes to the broader IT security picture for the energy sector

Last year, the department stood up its Office of Cybersecurity, Energy Security, and Emergency Response, or CESER, to lead and coordinate the agency’s response to attacks and disruptions in the energy sector. President Donald Trump included $96 million in the fiscal 2019 budget request to launch the office. 

“We all see the magnitude and sophistication of the threats facing our energy infrastructure. Our nation’s electricity, fuel and delivery systems have become more complex and even more interdependent,” Adrienne Lotto, deputy assistant secretary for infrastructure security and energy restoration, said last month at an Association for Federal Information Resources Management Cybersecurity Summit in Washington, D.C., according to Nextgov. “As a result, the threat against the sector has become even more frequent and more sophisticated.” 

CESER leads efforts to combat all threats to the energy industry, mitigate the risks and impacts of cyberattacks and other disruptions, and help restore services if and when utilities are attacked. “We address all hazards: cyber, man-made and natural,” Lotto said.

MORE FROM FEDTECH: Find out why creative federal cybersecurity workers will have more job security. 

Energy Department Focuses on Sharing Threat Information

CESER's Cybersecurity for Energy Delivery Systems Division focuses on the research and development of innovative technologies, tools and techniques to reduce risks to the critical energy infrastructure from cyberattacks and other emerging threats

“Continuing to increase the security, reliability, and resiliency of our electricity delivery system will help ensure the success of grid modernization and transformation of the Nation’s energy systems,” the organization says on its website

The division supports the research, development and demonstration of advanced cybersecurity solutions, as well as the acceleration of information sharing to enhance situational awareness.

By 2020, CESER wants the energy sector to be able to design, install, operate and maintain “resilient energy delivery systems” that can “survive a cyber incident while sustaining critical functions.” 

To do so, CESER’s cybersecurity program supports activities in three key areas: strengthening energy sector cybersecurity preparedness; coordinating cyber incident response and recovery; and accelerating research, development and demonstration of “game-changing and resilient energy delivery systems.”

At the AFFIRM event, Lotto said CESER is “developing techniques to enhance the speed and effectiveness of threat and vulnerability information sharing that’s both bi-directional and machine to machine,” Nextgov reports. 

CESER is seeing threats to both energy sector IT as well as operational technology, Lotto said, adding that it’s important for “both the federal government and private sector to work towards closing the understanding of that gap.” 

Additionally, Lotto said at the AFFIRM summit that CESER is developing a tool called CyOTE, or Cybersecurity for the Operational Technology Environment, “which works to increase situational awareness through an industry-led approach that will share and analyze OT data,” Nextgov reports. The tool will be enhanced via insights and intelligence from the intelligence community and the Department of Energy’s national labs, she said.

Click here for the original article.

Strong public-private partnerships are imperative, former officials said.

By Brandi Vincent, Staff Correspondent, Nextgov

March 22, 2019

To better defend America’s critical infrastructure, there needs to be a paradigm shift toward establishing stronger public-private partnerships, federal leaders said Thursday.

“We’ve heard for a very long time this notion of ‘whole of government,’ or a ‘whole of government response,’” retired Lt. Gen. Reynold Hoover told attendees of the Association for Federal Information Resources Management’s Cybersecurity Summit in Washington. “But I would argue that it’s not ‘whole of government’ anymore because a catastrophic event on our critical infrastructure is going to require a ‘whole of nation’ response. And that cuts across the local community, state community, the counties involved, the federal government and all the agencies and departments.”

Hoover said working across all sectors and as special assistant for homeland security to President George W. Bush during such a transformative era for technology forced him to realize that it’s time to think differently about how to plan, exercise and carry out the defense of America’s critical infrastructure.

“When we think about the cyber threat, it is from a determined adversary. So whatever your business is, you can’t do it alone,” Hoover said. “We cannot spend our way into cyber defense, we can’t build a castle wall and expect to defend in depth anymore, we have to do it in partnership.”

He said organizations like AFFIRM are important because they have the ability to bring public and private sectors together to “think about those challenges.”

Others panelists also agreed that enhancing information sharing across all sectors is vital to ensure that appropriate securities are in place as the nation adopts 5G and the internet of things continues to proliferate.

New York Power Authority’s Chief Information Security Officer and Vice President of Critical Secure Services Kenneth Carnes said his team has been actively working to build fiercer communication channels with individual agencies and key players in the financial and other sectors.

“I think that that preparedness is something that has to be done now,” Carnes said. He added that there are certain conversations they all have sooner, not later, “to make sure it postulates into the environment to give you that proactive threat defense” when a dangerous disruption comes.

Retired Maj. Gen. Joseph Brendler, who also served as the U.S. Cyber Command’s Chief of Staff, said partnerships between federal agencies are continuing to improve. “And I think there’s room for innovative ideas around public-private partnerships and roles and responsibilities on both sides,” Brendler said.

The panelists agreed that fortifying communication channels and unifying the public and private sectors to enhance infrastructure security is more important now than ever.

“We have not seen a time when I think we have been under such a geopolitical threat that we are facing right now. We are being challenged in every domain: air, ground, sea, cyber, every domain from a very determined adversary,” Hoover said. “And when we think about our critical infrastructure owners and operators, they are faced against a very determined adversary, whether its Russia, China, North Korea or Iran. So they need our help.”

Click here for the original article.

Inside the Energy Dept.’s New $96M Infrastructure-Security Office

By Brandi Vincent, Staff Correspondent, Nextgov

March 22, 2019

The new Office of Cybersecurity, Energy Security, and Emergency Response aims to deflect cyber, manmade and natural security hazards.

The priorities and efforts of the Energy Department’s nascent Office of Cybersecurity, Energy Security, and Emergency Response, or CESER, were laid out by its first acting Principal Deputy Assistant Secretary Adrienne Lotto on Thursday.

“We all see the magnitude and sophistication of the threats facing our energy infrastructure. Our nation’s electricity, fuel and delivery systems have become more complex and even more interdependent,” Lotto told attendees of the Association for Federal Information Resources Management’s Cybersecurity Summit in Washington. “As a result, the threat against the sector has become even more frequent and more sophisticated.”

In response, she said Energy Secretary Rick Perry created the new office in February 2018 to elevate the threats to the public and private sectors and allocate resources and a workforce to address those threats head-on. The president included $96 million in the fiscal 2019 budget request to stand up the office.

Lotto said CESER leads the department’s efforts to secure the nation’s energy infrastructure against all hazards, reduce both the risks and impacts of cyber and other disruptive events, and assist in restoration when disruptions do happen—because they inevitably will.

“We address all hazards: cyber, manmade and natural,” she said.

Lotto also went into detail around the office’s early efforts. She said it is developing techniques to enhance the speed and effectiveness of threat and vulnerability information sharing that’s both bi-directional and machine to machine. She said the office has noticed that they’re seeing the threats “not only on the [information technology] side of the house but on the [operational technology] side, as well.”

She said it’s important for “both the federal government and private sector to work towards closing the understanding of that gap.”

Lotto also said that the office is working on a tool called CyOTE, or Cybersecurity for the Operational Technology (OT) Environment, which works to increase situational awareness through an industry-led approach that will share and analyze OT data.  

“That data will be enhanced by insight from the intelligence community and our [Energy] National Labs,” she said.

The office is also participating in exercises with other agencies and industry partners to enhance the security of the nation’s energy systems, and the ability to quickly bounce back after an attack or disruption. Lotto said it recently participated in an exercise with the Defense Advanced Research Projects Agency and other key partners on New York’s Plum Island. The office had the opportunity to shut down the island’s grid, and have operators practice “black starting the system,” which is a complex process to re-start a power grid.

“It was really enlightening and the team learned a lot,” she said.

The office is also working with states in both planning and coordination, to ensure they are improving their cybersecurity preparedness framework. Lotto said coordination across all of America’s governments and the private sector is ultimately crucial for success.

“It’s all hands on deck to solve a really big problem,” she said.

Click here for the original article.

What students think of government cyber jobs

By Chase Gunter, staff writer, FCW

March 22, 2019

Getting cybersecurity and tech talent into government has been a top management priority spanning administrations, but there remain fundamental challenges in selling government as an employer.

The U.S. Cyber Challenge, launched by former Federal CIO Karen Evans in 2010, holds camps and competitions around the country and helps students burnish their resumes and introduces them to recruiters.

USCCC leaders and participants said at a March 21 event that the government faces marketing and process challenges when it comes to attracting young cyber talent.

Doug Logan, USCC's chief technologist, said that for all the focus on government's inability to compete with private-sector pay, the exact dollar figure, while important, isn't disqualifying.

"The first reason why everyone tells me they don't want to work for the federal government is they think it's boring," he said. "The second reason why they say they don't want to work for the federal government is because they can't find job descriptions that match their entry-level capabilities because [agencies] all want people with a whole bunch of experience. The third reason is because the whole process of applying and actually getting hired in the federal government is horrible and painful and takes forever."

Workforce

What students think of government cyber jobs

  • By Chase Gunter

  • Mar 22, 2019

Getting cybersecurity and tech talent into government has been a top management priority spanning administrations, but there remain fundamental challenges in selling government as an employer.

The U.S. Cyber Challenge, launched by former Federal CIO Karen Evans in 2010, holds camps and competitions around the country and helps students burnish their resumes and introduces them to recruiters.

USCCC leaders and participants said at a March 21 event that the government faces marketing and process challenges when it comes to attracting young cyber talent.

Doug Logan, USCC's chief technologist, said that for all the focus on government's inability to compete with private-sector pay, the exact dollar figure, while important, isn't disqualifying.

"The first reason why everyone tells me they don't want to work for the federal government is they think it's boring," he said. "The second reason why they say they don't want to work for the federal government is because they can't find job descriptions that match their entry-level capabilities because [agencies] all want people with a whole bunch of experience. The third reason is because the whole process of applying and actually getting hired in the federal government is horrible and painful and takes forever."

Andrew Meserote, whose team won the Nevada-based camp's capture the flag competition last summer, plans to join the Department of Defense civilian cybersecurity workforce, pending a security clearance. He said the "the recruitment process [for government] is definitely slower than private industry." The slow hiring process means "there's still the chance that even if you get your clearance, the job's not there anymore."

Nicholas Bruno, whose team won the USCC's competition in Delaware back in 2016, currently does cyber and programming for a private company, but he said that he'd be open to part-time position -- or a stint in government -- if moving back and forth between government and industry was more viable.

What he said was most appealing about the prospect of working in government included the training government jobs could provide, the work he wanted to do and the prospect of obtaining a security clearance as a badge for proving trustworthiness.

USCC National Director Glenn Hernandez said not enough emphasis is put on marketing federal cybersecurity employment to job candidates.

"OPM doesn't advertise these positions because they leave it to agencies to push their own things, and there's not that type of recognition that these types of folks that are coming into the workforce need to have a different culture in order to attract them," Hernandez said.

Once new hires are on board, it's important to challenge them with interesting work.

"If they're staring at a screen for eight to 10 hours a day, you just lost them. Within months," he said.

The administration is piloting ways of getting folks already in government to fill those vacant positions. Jason Gray, CIO of the Department of Education, said the early interest among current federal employees on learning cybersecurity skills via the Cyber Reskilling Academy is a good starting point.

Gray, who is also the chairman of the CIO Council's IT Workforce Committee, said the "real goal" of pilot was to see if the model of cybersecurity training was something that would generate interest.

The reskilling effort is " really focused on enhancing the employee, and in many cases, the employees will probably get the education and bring it back to their organization and further the cyber efforts," he said. "It's really a win-win, regardless of whether they transition out of the work that they're in right now."

Click here for the original article.

Grooming the next generation of tech talent requires honest mentoring, according to government tech leaders.

By Brandi Vincent, Staff Correspondent, Nextgov

February 28, 2019

Mentorship is crucial to success so pay it forward, a panel of government tech leaders said Thursday.

“Mentoring is not a buzzword. It’s a very real thing. We all need help along the way to bring our best selves out,” Commerce Department Deputy Chief Information Officer Terryne Murphy said as part of a panel at the Association of Federal Information Resources Management’s “Trailblazing Women of Government IT” event in Washington.

Murphy reflected on the coaching that she’s received and the significant impacts that her own mentors have made in contributing to her success—and sometimes that means uncomfortable moments for both the mentor and the mentee.

“It should be a little scary, not overwhelmingly so, but it should be personally challenging—that’s what you should be looking for,” Murphy said, adding that friends are the ones who are meant to make people feel good.

“But your mentor is there to bring your best out of you and that’s supposed to be uncomfortable a little bit. It’s really supposed to be,” Murphy said.

The panel also agreed that it is critical for people to diversify their mentorship.

“I’ve had people ask me, as a woman, if it would it be more beneficial to have a woman as a mentor versus a man,” said Melinda Rogers, deputy chief information officer at the Justice Department. “Well I’ve had mentors and mentored people from both genders and I think it really comes down to the person and the chemistry.”

Pamela McCauley, who serves as program director in the Computer Information Science and Engineering Directorate at the National Science Foundation, also said that it’s imperative for people to learn from others who look different from them.

“I think this is really important, because a lot of times as women, we feel like we need a woman mentor and if you’re black, you need a black mentor,” McCauley said. “But you can have one mentor that can help you understand one area and another who can help you understand something else.”

The panel unanimously agreed that, because of how formative mentorship has been for their own careers, they feel compelled to pay it forward.

“I absolutely have to do it,” Murphy said. “I have to do it because it’s been so helpful to me.”

“Like Terryn, I have been the beneficiary of tremendous mentors, and I still stay in touch with them,” Rogers said. “So to the point of should you pay it forward, you absolutely should. You’re obligated to pay it forward.”

And for those who don’t feel that they have the time or energy to invest in people who ask them for mentorship, due to managing many competing priorities, she recommended connecting perspective mentees to others in their network who may have more to give.

“I take this extremely seriously because I would not be here without my mentors,” McCauley said. The other women on the panel nodded in unison.

NASA’s Chief Information Officer Renee Wynn said a key to her success was seeking out strong models and obtaining a supportive community. She added a “heartfelt ditto” to all that her fellow panelists said about mentorship.

After the panel, Murphy told Nextgov that she hopes that the discussion “helps everyone just go back and think about the choices that they,’ve made and the ones that are before them.” She said mentoring is important because it helps people to not only inform others’ perspectives but also see something that they personally may have missed themselves.

“Just this interaction could significantly impact the trajectory of someone’s career,” she said. “So if we did anything to help perpetuate a positive trajectory today, that’s awesome.”

Click here for the original article.

The budding Office of Cybersecurity, Energy Security and Emergency Response aims to deflect cyber, manmade and natural security hazards.

By Brandi Vincent, Staff Correspondent, Nextgov

March 21, 2019

The priorities and efforts of the Energy Department’s nascent Office of Cybersecurity, Energy Security, and Emergency Response, or CESER, were laid out by its first acting Principal Deputy Assistant Secretary Adrienne Lotto Thursday.

“We all see the magnitude and sophistication of the threats facing our energy infrastructure. Our nation’s electricity, fuel and delivery systems have become more complex and even more interdependent,” Lotto told attendees of the Association for Federal Information Resources Management’s Cybersecurity Summit in Washington. “As a result, the threat against the sector has become even more frequent and more sophisticated.”

In response, she said Energy Secretary Rick Perry created the new office in February 2018 to elevate the threats to the public and private sectors and allocate resources and a workforce to address those threats head-on. The president included $96 million in the fiscal 2019 budget request to stand up the office.

Lotto said CESER leads the department’s efforts to secure the nation’s energy infrastructure against all hazards, reduce both the risks and impacts of cyber and other disruptive events, and assist in restoration when disruptions do happen—because they inevitably will.

“We address all hazards: cyber, manmade and natural,” she said.

Lotto also went into detail around the office’s early efforts. She said it is developing techniques to enhance the speed and effectiveness of threat and vulnerability information sharing that’s both bi-directional and machine to machine. She said the office has noticed that they’re seeing the threats “not only on the [information technology] side of the house but on the [operational technology] side, as well.”

She said it’s important for “both the federal government and private sector to work towards closing the understanding of that gap.”

Lotto also said that the office is working on a tool called CyOTE, or Cybersecurity for the Operational Technology (OT) Environment, which works to increase situational awareness through an industry-led approach that will share and analyze OT data.  

“That data will be enhanced by insight from the intelligence community and our [Energy] National Labs,” she said.

The office is also participating in exercises with other agencies and industry partners to enhance the security of the nation’s energy systems, and the ability to quickly bounce back after an attack or disruption. Lotto said it recently participated in an exercise with the Defense Advanced Research Projects Agency and other key partners on New York’s Plum Island. The office had the opportunity to shut down the island’s grid, and have operators practice “black starting the system,” which is a complex process to re-start a power grid.

“It was really enlightening and the team learned a lot,” she said.

The office is also working with states in both planning and coordination, to ensure they are improving their cybersecurity preparedness framework. Lotto said coordination across all of America’s governments and the private sector is ultimately crucial for success.

“It’s all hands on deck to solve a really big problem,” she said.

Click here for the original article.

Cyber Recruitment: It's not (always) about the money

It's probably no surprise government has trouble attracting young cyber talent, but changes to marketing and hiring processes could help fill the cyber talent pipeline, according to Doug Logan, chief technologist of the U.S. Cyber Challenge. Launched in 2010, USCC holds camps and competitions around the country, helps students burnish their resumes and introduces them to recruiters.

For all the focus on government's inability to compete with private-sector pay, the exact dollar figure, while important, isn't disqualifying, he said.

"The first reason why everyone tells me they don't want to work for the federal government is they think it's boring," he said. "The second reason …  is because they can't find job descriptions that match their entry-level capabilities because [agencies] all want people with a whole bunch of experience. The third reason is because the whole process of applying and actually getting hired in the federal government is horrible and painful and takes forever."

Andrew Meserote, whose team won the Nevada-based USCC camp's capture the flag competition last summer, plans to join the Department of Defense civilian cybersecurity workforce, pending a security clearance. He said the "the recruitment process [for government] is definitely slower than private industry." The slow hiring process means "there's still the chance that even if you get your clearance, the job's not there anymore."

Nicholas Bruno, whose team won the competition in Delaware back in 2016, currently does cyber and programming for a private company, but he said that he'd be open to part-time position -- or a stint in government -- if moving back and forth between government and industry was more viable.

The most appealing aspects about working in government he cited include the training government jobs could provide, the work he wanted to do and the prospect of obtaining a security clearance as a badge for proving trustworthiness.

USCC National Director Glenn Hernandez said not enough emphasis is put on marketing federal cybersecurity employment to job candidates.

"OPM doesn't advertise these positions because they leave it to agencies to push their own things, and there's not that type of recognition that these types of folks that are coming into the workforce need to have a different culture in order to attract them," Hernandez said.

Once new hires are on board, it's important to challenge them with interesting work.

"If they're staring at a screen for eight to 10 hours a day, you just lost them. Within months," he said.

The administration is piloting ways of getting those already in government to fill those vacant positions. Department of Education CIO Jason Gray said the early interest among current federal employees on learning cybersecurity skills via the Cyber Reskilling Academy is a good starting point.

Gray, who also chairs the CIO Council's IT Workforce Committee, said the pilot’s "real goal" was to see if the model of cybersecurity training was something that would generate interest.

The reskilling effort is "really focused on enhancing the employee, and in many cases, the employees will probably get the education and bring it back to their organization and further the cyber efforts," he said. "It's really a win-win, regardless of whether they transition out of the work that they're in right now."

This article was first posted to FCW, a sibling site to GCN.

By Chase Gunter

March 25, 2019

Letter from The President

AFFIRM AT 40…
2019 promises to be an exciting new year. AFFIRM’s mission remains strong with the focus on scholarships and education programs. AFFIRM provides these robust programs through the continued support and sponsorship of our sustaining partners and volunteers.  We would like to extend a sincere thank you for a successful 2018 and to continue the momentum in 2019.

As AFFIRM enters its 40th year, we hope you will join us to support the government’s use of information technology as a catalyst for transformation.

  • AFFIRM’s accomplishment are many: Our scholarship efforts make a difference in the lives of students pursuing technology education and careers. 

  • Thanks to our industry partners and our strong programs, AFFIRM has been able to donate nearly $500,000 to organizations supporting and educating technology students.

  • Our all-volunteer board represents the best and brightest from both industry, government and academia.  Contributing time and expertise, these leaders are the critical element to our success. 

  • Educational programs served over 2,000 government managers, with a draw of nearly 40% attendance from government.  Certified Professional Development Units (PDUs) from PMI add further value to participants.

    Through our combined efforts, we bring the commitment to drive home our mission. We invite your contribution to the government community in the following ways:

  • Become an industry sustaining partner and sponsoring partner for the high-value programs throughout the year.  Sponsorships are available throughout the year and early-bird special opportunities until March 30th, 2019.

  • Volunteer for a committee to support AFFIRM’s goals to grow our scholarship contributions.

  • The ability to review, discuss, and make an impact on IT policy by understanding “what makes government work”. This is done through the luncheon series, after hours programs, and other events throughout the year

www.affirm.org

Program, Events, Membership and Sponsorship information


www.affirm.org/reservations/

Don’t forget to sign up for the monthly luncheons and information for upcoming events at

For Individual Contributions please go to
www.affirm.org;gofundme

Don’t miss the exciting program lineup for 2019 Programs;
 

·       After Hours Events – Scheduled throughout the year

·       Speaker Series – Monthly Luncheons (mid-month)

·       US Cyber Challenge Summit – March 21, 2019

·       CFO/CIO Summit 2019 – May 7, 2019

·       Annual Leadership Awards – May 23, 2019

·       IT Career and Shadow Day – April,2019

·       AFFIRM Annual Golf Tournament – October 21, 2019

AS IT ENTERS ITS 40TH YEAR, AFFIRM SELECTS RMK PRODUCTIONS AS ASSOCIATION MANAGEMEnT COMPANY

Washington, DC, December 15, 2018 — The Association for Federal Information Resources Management (AFFIRM) has selected RMK Productions as its association management company.  This move continues the association’s drive to maintain its 40 years of service as an educationally-based association supporting the government sector.

“RMK Productions brings the right mix of experience, dedication, and knowledge of the public sector to AFFIRM,” said Adrian Gardner, President of AFFIRM.  “As the long-term association management company for organizations like Women in Technology and the American Association of Pastoral Counselors, RMK has the right team to support AFFIRM’s year-round series of training events.  This allows our all-volunteer board and committees to stay focused on our mission of improving information management in the Federal government.”

Reggie M. Kouba, founder and principal of RMK Productions, noted, “We are proud to work with the talented AFFIRM board as AFFIRM’s full service association management company.  As a team, we have earned our reputation for careful planning and execution, financial accountability, highest-quality client services, and long term relationships, and we are pleased to be selected to bring our brand of support to AFFIRM.”

About RMK Productions

RMK is a full-service, woman-owned, association management and event planning company with over 12 years’ experience serving the needs of associations, corporations, foundations, and non-profit organizations.  Learn more at https://rmkproductions.com/.

About AFFIRM

The Association for Federal Information Resources Management (AFFIRM) is a non-profit, volunteer, educational organization whose overall purpose is to improve the management of information, and related systems and resources, within the Federal government. Founded in 1979, and based in the Washington, DC area, AFFIRM's members include information resource management professionals from the Federal, academic, and industry sectors.  AFFIRM is a PMI R.E.P and delivers certified PDUs to support the project manager career field in government and industry.  Stay in touch at www.affirm.org and @affirmtweets.