The Wrap: Feds Need Quantum Boss; Data Security ‘Hodge-Podge’ Fix; Rosenworcel Departing FCC
Welcome to The Wrap for Thursday, November 21!
From the newsroom at MeriTalk, it’s the quickest read in Federal tech news. Here’s what you need to know today:
Feds Need Quantum Boss
That’s the bottom line from a new US Government Accountability Office (GAO) report out today that warns the Federal government’s shift to post-quantum cryptography is bound to fail due to the lack of one singular entity overseeing and implementing a national strategy addressing the threat. GAO said that the Office of the National Cyber Director, The White House (ONCD) is best positioned to lead Federal agencies through the PQC process and beyond. The Federal government has worked over the past eight years to address this quantum threat by releasing various guidance documents out of several different agencies. But GAO’s conclusion is that “the strategy lacks details and nobody’s in charge of implementing it.” The watchdog agency said existing guidance documents are aligned in three central goals: standardize post-quantum cryptography, migrate Federal systems to that cryptography, and encourage all sectors of the economy to prepare for the threat. GAO said the strategy, led by ONCD, should incorporate “desirable characteristics,” like problem definition and risk assessment; purpose, scope, and methodology; and objectives, activities, milestones, and performance measures. According to the report, these desirable characteristics have not been fully addressed “because no single federal organization is responsible for coordinating the strategy.”
Fixing the Data Security ‘Hodge-Podge’
Thanks to the rapid emergence of AI and facial recognition technologies, the government recently has its hands on a lot more personally identifiable information (PII). However, the US Government Accountability Office (GAO) said this week that there are no government-wide laws or guidance regarding data security – more specifically, how agencies should protect Americans’ civil rights and civil liberties while using PII. In a new report, GAO is calling on Congress to offer a solution. The government watchdog wants Congress to designate an agency to issue government-wide guidance or regulations to help protect Americans’ civil rights and civil liberties while using personal data. “Until such guidance or regulations are issued, there is an increased risk of agencies’ collection, sharing, and use of data potentially violating the public’s civil rights and civil liberties,” the report says. As one Federal agency put it, such guidance could “eliminate the hodge-podge approach to the governance of data and technology.”
Recommended by LinkedIn
Rosenworcel Departing FCC
Federal Communications Commission Chairwoman Jessica Rosenworcel confirmed today – as expected – that she will be leaving the agency by the Jan. 20 inauguration of President-elect Trump. Rosenworcel, who first joined the FCC in 2012 as a Democratic appointee – was named in 2021 to chair the five-member commission by President Biden. When administrations turn over, the incoming president gets to designate the new chair, and President-elect Trump said earlier this month he will tap Brendan Carr, a current FCC commissioner, to become the agency’s new chairman in January. “Serving at the Federal Communications Commission has been the honor of a lifetime, especially my tenure as Chair and as the first woman in history to be confirmed to lead this agency,” Rosenworcel said in a statement today. “I want to thank President Biden for entrusting me with the responsibility to guide the FCC during a time when communications technology is a part of every aspect of civic and commercial life,” she said.
VA CIO: Cyber Budget Still Lacking
Even though the U.S. Department of Veterans Affairs ’ cybersecurity budget has increased substantially since fiscal year 2023, agency CIO Kurt DelBene told lawmakers on Wednesday that the agency’s cybersecurity capabilities are suffering from a shortage of skilled IT workers and not enough budget to compete with the private sector for skilled new hires. During a House VA Technology Modernization Oversight Subcommittee hearing on Nov. 20, lawmakers questioned DelBene on the VA’s “inadequate” and “unfocused” cybersecurity program. DelBene pushed back, saying, “we have discussed our budgetary limitations in the past, recruiting and retaining individuals with high demand cybersecurity expertise is a top priority for IT and industry leaders alike … for such employees, government salaries are too low to be competitive, even when combined with compensation incentives and benefits.” DelBene’s bottom line: “to successfully hire and retain high-demand cyber professionals, the entire Federal government must take immediate steps to increase the salaries of [the IT] workforce.” Please do click through for the whole story.
Once again, let’s “call IT a day,” but we'll bring you more tomorrow. Until then please check the MeriTalk breaking news website throughout the day for the latest on government IT people, process, and policy. And finally, please hit the news tip jar [with leads, breaking news, or simply your two cents] at newsstaff@meritalk.com.