The Wrap: Government Doors Stay Open; AT&T Outage Sparks CI Convo; Say Cheese!

Welcome to The Wrap for Friday, March 1!

From the newsroom at MeriTalk, it’s the quickest read in Federal tech news. Here’s what you need to know today:

Government Doors Stay Open

The doors of the Federal government will stay open … well, for now at least. President Biden signed another short-term spending measure into law on Friday, avoiding a partial government shutdown this weekend and keeping one set of Federal agencies operating through March 8 and another through March 22. Congress voted on Thursday to approve the stopgap bill – the House by a vote of 320-99, and then the Senate by a vote of 77-13. “This bipartisan agreement prevents a damaging shutdown and allows more time for Congress to work toward full-year funding bills. That’s good news for the American people. But I want to be clear: this is a short-term fix – not a long-term solution,” President Biden said in a statement. “In the days ahead, Congress must do its job and pass full-year funding bills that deliver for the American people.” So, what happens next? Sen. Patty Murray, D-Wash., chair of the Senate Appropriations Committee, said they’re “working hard with our colleagues to get this wrapped up and take a shutdown completely off the table by passing the strongest bipartisan spending bills we can – and hopefully soon.”

AT&T Outage Sparks CI Convo

Tech policy experts on Capitol Hill said on Thursday that the recent AT&T outage across the nation showed the importance of the resiliency of America’s critical infrastructure. Slate Herman, counsel for the House Energy and Commerce Communications and Technology Subcommittee, said during the Visualyze Zero Trust Security Summit hosted by MeriTalk and Gigamon on Feb. 29 in Washington, D.C., that lawmakers are using the incident as an opportunity to test the nation’s critical infrastructure resilience and the corresponding response. “We’re still in talks with AT&T and trying to figure out what happened and so looking forward to see what we can learn from this instance,” Herman said, adding, “Luckily, I don’t believe that this was a cyberattack and so, in the future if that were to occur, I think this was a great opportunity for us to see what sort of resilience exists.” The background: On Feb. 22, tens of thousands of Americans had trouble making phone calls, sending texts, reaching emergency services, or even accessing the internet because of a nearly 12-hour AT&T network outage. Consider yourselves lucky, Verizon customers.

Say Cheese!

As it turns out, the type of camera you buy matters in the Federal government. The leadership of the House Oversight Subcommittee on Cybersecurity, IT, and Government Innovation probed the General Services Administration (GSA) CIO Thursday on the agency’s purchase of Chinese-made videoconference cameras that contained known security vulnerabilities. Chairwoman Nancy Mace, R-S.C., noted that the GSA employees were acting with sheer “incompetence” during the procurement of the equipment, and Ranking Member Gerry Connolly, D-Va., called the recently uncovered actions by GSA’s internal watchdog “a very troubling episode.” However, GSA CIO David Shive testified that his employees did not intentionally seek to mislead, while also denying findings that the purchasing arm of the Federal government failed to comply with the Trade Agreements Act of 1979 (TAA). “GSA fully supports the purchase and use of American-made products wherever possible, and is committed to complying with all acquisition statutes, including the BAA [Buy American Act of 1933] and the TAA,” Shive said, adding, “GSA was in full compliance with BAA for both the first and second procurement of our cameras.” The bottom line: Shive said the TAA didn’t apply to either acquisition because neither “equaled nor exceeded the threshold of $183,000.”

Ditch Defense in Depth

That was a key takeaway from Office of Personnel Management (OPM) CIO Guy Cavallo, who told attendees of the Visualyze Zero Trust Security Summit hosted by MeriTalk and Gigamon on Feb. 29 to ramp up their zero trust efforts. “What I love about zero trust is that it forces you to really look at every individual and what resources do they need in your agency. The defense in depth world will not survive today’s AI attacks – period. You will lose every time,” Cavallo said. To further explain his point, the CIO compared defense in depth to going to a baseball game at D.C.’s Nationals Park. For instance, he said defense in depth is like having a ticket to the game and gaining access through the gate, but once you’re in, you can go on the field or in the dugout. “With zero trust, what we’re saying is, ‘Guy Cavallo uses these four applications, once he’s in the OPM network, those are the only things he can get to,’” he explained. “So, that level of granularity is really important.” Pro tip to all of our Nats fans out there: don’t try to run on the field.

Treasury Uses AI to Recoup $375M

We’re giving a big shoutout to the Treasury Department today, who said it recently recovered over $375 million worth of fraudulently transmitted money through a new AI-enhanced fraud detection process. The Treasury Department’s Office of Payment Integrity (OPI) has implemented an AI mitigation technique to stop check fraud that uses near real-time abilities. “The Treasury Department is committed to safeguarding taxpayer dollars through payment integrity – paying the right person, in the right amount, at the right time, and ensuring that Social Security payments, tax refunds, and other types of checks, and people who are receiving them, are safe from fraud,” said Deputy Secretary of the Treasury Wally Adeyemo.

Once again, let’s “call IT a day,” but we'll bring you more on Monday. Until then, please check the MeriTalk breaking news website throughout the day for the latest on government IT people, process, and policy. And finally, please hit the news tip jar (with leads, breaking news, or simply your two cents) at [email protected] .