A Cloudy Forecast for Government

Posted on by

The need for cloud computing has moved beyond simple cost-saving calculations. The elasticity and scalability of cloud meet the demands citizens have for digital services to be efficient and personalized. Cloud is also critical for AI adoption, providing the processing power needed to facilitate the training and use of AI models.

Government Moves to Mostly Cloudy

Based on these capabilities, the use of cloud is increasing. A recent Government Accountability Office (GAO) study found that the use of the Federal Risk and Authorization Management Program (FedRAMP) increased by about 60% between July 2019 and April 2023. Continue reading

The Changing Identity of Identity Management

Posted on by

A key element of the move to zero trust is the use of "strong multi-factor authentication (MFA) throughout their enterprise." While identity management has been indicated by many as the "low hanging fruit" of a zero-trust journey, it is by no means easy. In fact, recent guidance from the Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) called it "notoriously difficult."

Key challenges to implementing MFA include:

  • Lack of standards - the CISA/NSA guidance pointed to confusion over MFA terminology and vague policy instructions as primary challenges to implementing more secure access. A joint committee of European Union (EU) and U.S. experts addressed this same issue in the Digital Identity Mapping Exercise Report, which aimed to define specific digital identity technical terminology. For example, the group found some definitions, such as "authoritative source" and "authentication factor," are identical between the U.S. and EU, whereas others, like "identity" and "signature," remain only partially matched.
  • Phishing - bad actors do not always hack the system; they hack the process, gaining entry through social-engineering tactics that grow more sophisticated by the day. The CISA/NSA report called on the vendor community to provide MFA services with additional investments and greater defenses against sophisticated attacks.
  • Rise of Generative AI - The Department of Homeland Security (DHS) is working to ensure technologies can determine if a submitted image is legitimate or a hacker's spoof. This "liveness detection" is needed to ensure that a submitted selfie is really a photo of a person, not a mask, photo of a photo, or other technique to try to get past the check.

Continue reading

No Degree? No Problem. The Changing Landscape for Government Job Seekers

Posted on by

There are nearly 200,000 job openings across the federal government. Within those openings, a large percentage are in the areas of Cybersecurity and Artificial Intelligence (AI). Building the workforce in these relatively new disciplines is forcing a new look at traditional requirements for careers in government.

The practice of skills-based hiring is gaining traction in government as a way to fill these important vacancies with a more diverse set of talent. Skill-based hiring involves looking beyond degrees and certifications and identifying candidates' skills that are applicable to the role. For example, a person may not have a computer science degree, but they have worked extensively with a key programming language or system in previous roles.

Uncovering Skills Not Experience

A candidate could have great experience. A four-year degree from a prestigious school. Past work with brand-name companies. But if you really dig in, you may find they don't actually possess the skills needed to get the job done. Continue reading

FITARA Goes to the Cloud, Grades Come Down to the Ground

Posted on by

The 17th edition of the Federal Information Technology Acquisition Reform Act (FITARA) scorecard featured a revamped list of measurements to illustrate federal agency progress against current modernization goals. This latest scorecard introduced two new categories - Cloud Computing and CIO Investment Evaluation - while dropping the measurement of compliance with data center modernization, something all agencies have completed.

This reshuffling of measurement criteria resulted in lower grades for 11 agencies. Twelve agencies saw their grades unchanged. The Department of Defense (DoD) was the sole group earning a higher grade, rising from a C to a B. These drops are not necessarily a concerning indicator, but rather a re-baselining of where agencies stand in terms of modern digital government goals. Continue reading

How CX Is Driving Government Modernization

Posted on by

Improving the "customer" experience (CX) for citizens interacting with the government has been a focus for several administrations. The reason is that better experience equals improved trust in government. It's critical that our systems live up to the promise of government for the people.

Defining the Pieces of CX

A critical part of getting experience right is understanding the different pieces that make up a customer experience. Words like "experience" and "service" are often used interchangeably when talking about CX efforts, but it is important to understand some key differentiators. Continue reading