GAO sounds the alarm on federal cybersecurity efforts

• The Postal Service is tightening its online security measures after fraudsters stole paychecks from employees. USPS said cyber criminals are targeting USPS employees by creating fake websites that closely resemble Lite-Blue, the agency’s online employee portal. Postal unions are warning members that fraudsters are using these spoofed websites to obtain USPS employees’ login credentials and reroute direct-deposit paychecks to their own bank accounts. USPS said it is adding multi-factor authentication to Lite-Blue and offering a year of credit monitoring to affected employees. (USPS tightens online security after fraudsters steal employees’ paychecks – Federal News Network)

• The Department of Veterans Affairs is weeks away from taking its next step to modernize its supply chain systems. Just over a month after pulling the plug on its troubled Defense Medical Logistics Standard Support system (DMLSS) implementation, VA is ready to look at commercial technology. Mike Parish, VA’s chief acquisition officer, said they are trying to make sure they are not over engineering the systems-of-systems approach they are taking now. “We’ve gotten lots of feedback so it’s not big government dictating to you what the solution is going to look like. We are asking you how to do the RFP right. We are probably weeks away, not months way, from doing the formal solicitation,” Parish said.

• The General Services Administration has issued a new travel regulation when federal employees are on temporary duty. GSA said it is clarifying a concept called “constructive cost,” which encourages leaders to select the transportation method most advantageous to the government, when cost and other factors are considered. The other factors range from energy conservation to total cost to the government, including costs of per diem, overtime, lost work time and actual transportation cost. Additionally, agencies must take into account total distance traveled, number of points visited and number of travelers. GSA issued a proposed rule in May, received no comments and made no substantive changes to the final rule.

• The top Republicans on the House Oversight and Accountability Committee and the House Science, Space and Technology Committee are asking how several pieces of AI policy fit together. Reps. James Comer (R-Ky.) and Frank Lucas (R-Okla.) are asking the White House Office of Science and Technology Policy (OSTP) whether its recently released Blueprint for an AI Bill of Rights overlaps or conflicts with another upcoming policy. The National Institute of Standards and Technology is releasing a congressionally mandated AI framework later this month. The lawmakers are asking OSTP whether it consulted NIST and other agencies when working on the AI Bill of Rights.

• The National Archives and Records Administration is aiming to help agencies adopt fully electronic recordkeeping this year. NARA plans to finalize a long-awaited rule this year for digitizing permanent records. The Archives first issued a proposed rule in December 2020.The regulations should give agencies more leeway to move away from managing paper. NARA had previously advised agencies against getting rid of permanent records they had digitized prior to the final rule’s release. Agencies are working to digitize all of their permanent records before June 2024. (Federal records chief says ‘culture of paper’ persists at agencies — Federal News Network)

• The Government Accountability Office is once again sounding the alarm on federal cybersecurity efforts. GAO said of the 335 recommendations it has made since 2010, more than 60% remain open. For example, GAO said the administration needs to complete its National Cybersecurity Strategy, which was in development as of late last year. It also lists, as high priorities, supply-chain risk management, developing the cybersecurity workforce, creating metrics to assess the security of critical infrastructure devices, and improving quantum-computing capabilities.

• The Justice Department is looking for the top Freedom of Information Act professionals in government. DOJ’s Office of Information Policy is accepting nominations for the 2023 Sunshine Week FOIA Awards through February 15. Categories include exceptional service by a FOIA professional, outstanding contributions by a new employee, and a lifetime service award. The winners will be recognized during DOJ’s Sunshine Week event on March 13. Nominations can be submitted by agencies or by a member of the public.

• The Office of Personnel Management is hiring a chief learning officer. In its USA Jobs posting, OPM said it is looking for someone to be responsible for developing training programs and to serve as the agency’s subject matter expert in training and development. Responsibilities will also include overseeing OPM’s e-Learning programs and learning management system. This GS-15 job will be based in Washington, D.C. and applications close on January 27.

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.