The Pentagon’s Cybersecurity Maturity Model Certification (CMMC) program took a big step forward today. This morning’s Federal Register includes the much-anticipated proposed rule for the Defense Department’s CMMC program. The public will have 60 days to comment on the 234-page document. It lays out the Pentagon’s program for ensuring defense contractors meet cybersecurity requirements. DoD expects to roll out the requirements in a phased plan, with full implementation starting October 1, 2026.
Agencies have new guidance to promote more public engagement in federal rulemaking. The Office of Information and Regulatory Affairs (OIRA), is giving agencies new tools and requirements for promoting public engagement during the federal rulemaking process. OIRA launched a new web portal to make it easier for citizens and businesses to request meetings about regulatory actions. Additionally, OIRA created a new process for disclosing meeting data in an open, machine-readable and accessible format. These are among the changes OIRA issued last week to facilitate participation and improve transparency of the federal rulemaking process. The new requirements complete an overhaul of the regulatory process started in April with President Joe Biden's executive order and OIRA's draft guidance.
President Biden has made a 5.2% pay raise official for feds in 2024. But not everyone will get the same raise. That 5.2% figure for the pay raise is only an average. The actual number federal employees will see in their paychecks next year depends on where they work. A mechanism called locality pay means that federal pay raises vary based on geographic location. The idea is to ensure federal wages more closely align with private sector rates. For 2024, federal employees’ pay raises nationwide actually range from 4.9% to 5.7%.
The Postal Service is setting higher pay caps for its managers, supervisors and postmasters in the new year. Under the agreement, USPS will increase the top range of Executive Administrative Schedule (EAS) salaries by 4.7%. USPS will also increase the minimum salaries for each pay band in its ranks of managers and supervisors. They will see pay increases averaging about 5%.
Not everyone working for the government will see bigger paychecks next year. A pay freeze will continue for certain officials in the executive branch. Specifically, senior political appointees and other positions on the Executive Schedule will see a continued cap on their salaries. That pay freeze has been in place for about 10 years. General Schedule employees, Foreign Service employees and career members of the Senior Executive Service are not affected, and will still get raises in 2024.
President Joe Biden signed the defense policy bill into law, approving $886 billion in military spending. This means that the Defense Department now has 120 days to develop and implement a strategy to deploy private wireless networks to military bases. The legislation calls for the Defense Department to ramp up its 5G effort, requiring the secretary of Defense to ensure the infrastructure is in place to support upgrades to future-generation technologies. Lawmakers want to be briefed by the secretary on the progress made within 150 days of the act's enactment. The DoD recently moved its 5G-related activities from the undersecretary of Defense for Research and Engineering’s Future G and 5G office to the DoD chief information officer.
The Senate has confirmed the majority of military nominations, ending Sen. Tommy Tuberville’s (R-Ala.) 10-month blockade of promotions in a protest of the Pentagon’s abortion policy. But one officer’s promotion was still on hold as the Senate adjourned for holiday recess. This time, Sen. Eric Schmitt (R-Mo.) has stepped in to block the promotion of Air Force Col. Benjamin Jonsson. Schmitt is delaying the promotion over conflicting views on the military's diversity, equity and inclusion programs. Since it is the end of the year, the White House will have to submit Jonsson’s nomination for promotion to the Senate again next year.
Agencies paid more than $38 million to dead people. The Defense Department stored 80 gas engines outside instead of under cover, ruining $89 million worth of equipment. And the United States Agency for International Development (USAID) spent $6 million to boost tourism in Egypt. These are among the examples Sen. Rand Paul (R-Ky.) highlighted in the ninth annual 2023 ‘Festivus’ Report on Government Waste. The ranking member of the Committee on Homeland Security and Governmental Affairs detailed more than $900 billion worth of spending he deemed wasteful.
Federal agencies have received fresh guidance on how to secure widely used software applications. Last week, the Cybersecurity and Infrastructure Security Agency (CISA) released Version 1.0 of its Microsoft 365 security configurations. It is a part of CISA’s Secure Cloud Business Applications (SCuBA) project. CISA made more than 100 modifications to the original draft Microsoft configurations released last October. The baseline configurations are intended to make sure system administrators set up popular applications, like Microsoft Teams and Exchange Online, with the proper security settings.