GovCIO Media & Research Podcasts

Explore how CISA and CMS are tackling open source software (OSS) security in government. CISA Technical Advisor Jack Cable shares insights on CISA’s roadmap, best practices and efforts to secure OSS and promote open source program offices.

CMS Digital Service Open Source Lead Remy DeCausemaker also discusses the strategic approach to creating an open-source program office, focusing on stakeholder engagement, security measures and regulatory guidance. Hear how these strategies are shaping the future of open source security and fostering collaboration.

Travelers around the world are seeing more opportunities to use digital documents to verify their identities at airports and other travel hubs. The Transportation Security Agency (TSA) is honing in on technologies that rely on biometrics and artificial intelligence to develop and create seamless solutions that cater to all travelers at these checkpoints.

At Identity Week in Washington, D.C., TSA Capability Manager for Identity Management Jason Lim discussed how advancements in AI and machine learning are helping the industry innovate around facial recognition technology. He also highlighted some of the latest interoperability standards government should know about when implementing digital identity solutions.

Biometric technology has seen remarkable advancements in recent years, especially in areas like facial recognition.

Arun Vemury, senior advisor for biometric and identity technologies at the Department of Homeland Security, shared how error rates in facial recognition have dropped tenfold over the past decade thanks to machine learning. He also highlighted the growing use of digital credentials such as mobile driver's licenses and emphasized the importance of rigorous testing to ensure these technologies' reliability.

Vemury discussed the Remote Identity Validation Technology Demonstration (RIVTD) project, which evaluated technologies for credential validation, selfie-to-document matching and presentation attack detection, with some results available with Maryland Test Facility at https://mdtf.org/.

In August, the National Institute of Standards and Technology (NIST) released a new draft of its Digital Identity Guidelines for the identity-proofing process. This covers technologies like digital wallets, passkeys and physical identification documents like REAL ID-compliant passports and drivers licenses.

The draft outlines ways to boost privacy, accessibility and security during the identity-proofing process for those accessing government services and benefits. Ryan Galluzzo is the digital identity program lead at NIST. At Identity Week in Washington, D.C., he spoke about the guidelines, the interoperability work that powers these technologies, and the importance of balancing security and accessibility when implementing digital identity programs.

General Service Administration Executive Director of Cloud Strategy Eric Mill briefed updates for the newly focused FedRAMP program and associated advisories for cloud service providers.

FedRAMP’s Agile Delivery Pilot will help prepare the program for continuous assessments, a key part of FedRAMP 2.0’s evolution. He also previews FedRAMP’s Emerging Technology Prioritization Framework that will soon enable agencies to use generative AI.

Mill discusses the agency’s new automation hub, automation.gsa.gov, supporting cloud service providers creating and managing digital authorization packages. He also shares his priorities around real-time data sharing, APIs and secure software development.

The White House has made government cybersecurity hiring a priority, releasing a strategy in 2023 to address gaps. Agencies and their partners have stressed the need to build foundational cyber skills in Americans long-term.

ISC2 is a professional association for cybersecurity pros, with more than 650,000 members. ISC2 Executive Vice President of Advocacy, Global Markets and Member Engagement Tara Wisniewski spoke about skills-based hiring in cybersecurity, how the regulatory process affects the workforce and how agencies can hire cyber pros easier.

The future of cybersecurity is changing as threats evolve. NIST’s Cybersecurity Center of Excellence works with partners in the public and private sectors to address securing IT systems and critical infrastructure.

Cherilyn Pascoe, director of NCCoE, at Billington Cyber Summit in Washington, D.C., discussed the center’s collaboration with industry and government agencies, NIST’s Cybersecurity Framework 2.0 and migrating to post-quantum cryptography standards to protect against quantum computer threats.

The Defense Information Systems Agency is harnessing artificial intelligence to secure multi-cloud environments. Effective monitoring capabilities for the cloud are critical to avoid bad actors from breaching vulnerabilities and to further secure the edge.

DISA CTO and Emerging Technology Director Steve Wallace at Billington Cyber Summit in Washington, D.C., discussed how emerging technology is helping the Defense Department manage its multi-cloud environment, the value of AI amid legacy system modernization and the importance of embracing new technology to improve skill sets and tackle larger tech challenges.

National Science Foundation CDO and Chief AI Officer Dorothy Aronson is establishing a new organization that will unify departments within the agency. While the agency is standing up some critical efforts under the White House executive order such as the National AI Research Resource pilot, Aronson highlights some of her initial priorities for the role that include merging the CAIO, CDO and CISO under the Office of the CIO.

Aronson also discusses the importance of preparing data for advanced analytics and AI as well as the significance of providing researchers with access to clean data layers.

A special initiative and data registry at the National Cancer Institute is helping researchers understand and treat rare childhood cancers.

Dr. Mary Frances Wedekind, a pediatric oncologist and assistant research physician with the Pediatric Oncology Branch at NCI, explains how the Childhood Cancer Data Initiative follows children, teens and young adults for many years to collect key information about their cancer diagnosis, imaging and treatments.

She added that the initiative along with the Rare Cancer Data Registry are critical to helping researchers access and analyze the clinical and genomic data that could potentially lead to more effective targeted therapies and new drug developments that could  improve the standards of care for young patients.