The General Services Administration's (GSA) office of inspector general has offered recommendations to help GSA improve its management of personal identity verification cards being issued to contract employees to access the agency’s information technology systems and buildings.

GSA’s deputy administrator should take measures to properly account for issued PIV cards, such as recovering and terminating all access cards from former contract employees, updating records in the Credential and Identity Management System for contract personnel and reporting to the Department of Homeland Security (DHS) any unauthorized possession of PIV cards, OIG’s office of audits said in a report published Wednesday. 

The report also recommended collaboration between staff offices and heads of services to facilitate the implementation of new and existing policies when it comes to PIV cards by developing procedures to recover PIV cards and requiring training on card recovery and issuance for employees involved in processing access cards, among others. 

OIG made the recommendations after it found that GSA failed to account for about 15 thousand access cards issued to contracting personnel and retrieve more than half of the 445 PIV cards from employees who did not pass their background checks. 

“GSA’s poor management and oversight of these cards raises significant security concerns because the cards can be used to gain unauthorized access to GSA buildings and information systems, placing GSA personnel, federal property, and data at risk,” the report states.

Vice Adm. Nancy Norton, director of the Defense Information Systems Agency a previous Wash100 awardee, said DISA will release in the coming weeks its updated Strategic Plan taking into account the COVID-19 pandemic and other operational changes, Nextgov reported Thursday. 

“It’s not a big difference but it is very definitely accounting for all of the changes that have happened around us in the last year,” Norton said Thursday during an AFCEA-hosted webinar. “Of course, the biggest one is COVID-19 and the mass telework environment that we’re in.” 

She said the cloud-based internet isolation program to counter web-based threats is one of the capabilities DISA has implemented during the pandemic while meeting one of the goals of the strategy. 

“Implementing the CBII helped DISA enable the Defense Health Agency’s telehealth program when they needed it the most, supporting operations during this pandemic,” Norton said. “It also allowed our Air Force missileers on long-duty rotations to set up to meet new quarantine requirements to have much-needed access during their downtime.” 

DISA issued in July 2019 its four-year Strategic Plan that provides a framework to guide the agency’s resource allocation, assessment criteria and planning priorities through 2022 in support of the joint forces’ efforts to counter adversaries, ensure resilience and adapt to challenges.

Nand Mulchandani, chief technology officer of the Department of Defense’s (DoD) Joint Artificial Intelligence Center (JAIC), said JAIC is working on new approaches on how model and data sharing could come up with a manifest that helps counter cyber attacks that try to hinder or confuse algorithms when it comes to releasing sensitive data, FedScoop reported Thursday. 

“The trick is to figure out what tech/products are ready to deploy and in what ‘domain,'” Mulchandani told the publication. “We think that AI explainability, AI security, AI ethics, and AI testing are all tightly connected and have very tight collaboration between the various groups that are tackling these areas."

He said JAIC considers data used to train these AI algorithms as its most important intellectual property in need of protection against cyber vulnerabilities. 

Cheryl Ingstad, director of the Department of Energy's (DoE) Artificial Intelligence & Technology Office, announced the possibility of a tool that examines AI algorithms for bias. The tool would enforce ethical principles as well as cyber hygiene.

“Adversarial AI is an area where we need to do a lot of innovation around it and create new principles and new processes and methodologies to address it,” Ingstad said.

The U.S. Navy plans to update its telework system and include more features to the cloud-based platform as the service branch prepares for long-term remote work operations, FedScoop reported Wednesday.

"We are moving to the cloud and we need everyone to get on board with the strategy,” said Andrew Tash, chief architect at the Department of the Navy, at a recent industry event hosted by the service. “We have a cloud-tolerant architecture in place, but we need to get to a cloud-native architecture.” 

The Navy has projected to transition operations into a Microsoft 365 integrated environment and establish more advanced security features by June 2021.

According to FedScoop, the Navy seeks to implement a network-as-a-service framework for its telework operations to support elements such as calendar and email functionalities.

The Microsoft-based system is meant to build on the Navy’s existing Commercial Virtual Remote environment. By 2021, the service plans to deploy as many workloads and applications as possible to the new platform to support both remote and in-person operations.

Tash added that  many parts of the Navy are all-in on cloud and telework modernization, there needs to be more unification in their efforts. “Disparate” efforts have not yielded the results Tash has hoped for, he said.

The Department of the Treasury's Office of the Inspector General  has identified COVID-19 as a new challenge affecting the organization's interests as the calendar shifts to 2021. 

A report stated that COVID-19 has challenged the Treasury in terms of remote working and added responsibilities, said Richard Delmar, deputy inspector general at OIG.

Treasury has been supporting efforts and addressing responsibilities mandated by the Coronavirus Aid, Relief, and Economic Security (CARES) Act.

The report noted that the department will have to navigate through the pandemic's uncertainty, with potential difficulties in additional workloads.

The department will address the COVID-19 challenges alongside other issues mentioned in the report: operating in an uncertain environment, cyber threats, anti-money laundering, information technology acquisition and project management and efforts to promote spending transparency.

In addition to the challenges posed by COVID-19, the Treasury reported elevated concerns, including the coin redemption program at the United States Mint, managerial cost accounting and internal control matters at the Bureau of Engraving and Printing (BEP).

Col. Brian Russell, commander of the U.S. Marine Corps' II Marine Expeditionary Force Information Group, has said the service branches must integrate information capabilities early in planning procedures ahead of conflict, C4ISRnet reported Wednesday.

Russell said at an Information Professionals Association podcast that partners such as allies and interservice entities bring arrange of capabilities that Marine Corps authorities can leverage to address the military branch's limitations.

“Establishing the relationships with some key allies [and] with some key joint force partners to collaborate as early as possible at the planning level, campaign planning before we’re at the point of action where it’s too late to perhaps consider a partner’s equities, perspectives or authorities and capabilities,” said Russell.

He noted that the U.S. military needs to foster close integration within its branches as competition with other nation-states continues in the information space. Russell added that his team is working to reach out to joint force and allied partners to synchronize their activities.

“It’s not any of those individual capabilities or individual authorities that’s most important, it’s how we weaponeer them together to produce outcomes for the MEF commander. It is combined arms for the 21st Century,” Russell concluded.