As the year comes to an end, we’re taking a look back at the top 10 Federal IT moments of 2022. This year, the government faced midterm elections, new policy directions, big contract awards, and much more over a busy year for Federal technology.
While everyone enjoys a holiday break, here’s a look – in no particular order – at the top ten Federal IT moments of 2022:
Pay Raise for Feds
President Biden confirmed his intention to give Federal civilian employees a 4.6 percent pay raise next year – making it the largest Federal pay raise in 20 years. President Biden said the across-the-board base pay raise will be 4.1 percent and locality pay raises will average 0.5 percent, resulting in an overall average increase of 4.6 percent – consistent with his fiscal year (FY) 2023 budget. The FY2023 National Defense Authorization Act (NDAA) also features a 4.6 percent increase in basic pay for military service members.
Biden Signs Chips and Science Act
A major piece of legislation that President Biden signed into law this year is the Chips and Science Act. The CHIPS Act portion of the legislation provides $52 billion of funding to incentivize semiconductor makers to establish new manufacturing plants in the United States. President Biden also signed an executive order in August to jumpstart the implementation of the CHIPS Act. The primary tech-related provisions in the Chips and Science Act were resurrected from the more wide-ranging USICA/COMPETES legislation that failed to progress through a House-Senate conference committee earlier this year.
DoD Awards JWCC Contracts
In December, the Department of Defense awarded its long-awaited Joint Warfighting Cloud Capability (JWCC) cloud contracts to the four bidders that have been in the mix for sizable chunks of the contract since the beginning of the process – Amazon Web Services, Google Support Services, Microsoft, and Oracle. The Pentagon first announced its multi-vendor cloud contract plan in July 2021, after previous failed attempts to develop a single-vendor $10 billion Joint Enterprise Defense Infrastructure (JEDI) cloud services contract. Goodbye JEDI, hello JWCC.
Okay, so this one technically happened in December 2021, but the Federal government responded throughout 2022. The Cybersecurity and Infrastructure Security Agency (CISA) warned Federal agencies of the Log4j vulnerability late last year and helped them to remediate the vulnerability throughout 2022. Log4j is a popular Java library widely used in software products as a logging framework. By July 2022, the Cyber Safety Review Board (CSRB) praised CISA for its response to the ongoing vulnerability, and found that there had not been any significant Log4j-based attacks on U.S. critical infrastructure.
OMB Issues Final PMA Learning Agenda
The White House’s Office of Management and Budget (OMB) issued the final draft of its President’s Management Agenda (PMA) Learning Agenda in September of this year, in an effort to address critical management learning gaps across government. OMB also issued several quarterly PMA updates throughout 2022, outlining the Biden administration’s progress on its three PMA priorities focused on strengthening the Federal workforce, customer experience, and government business management.
FITARA 14 and 15 Scorecards
Once again, 2022 brought two new exciting FITARA Scorecards. The 14th installment of the House Oversight and Reform Committee’s FITARA Scorecard issued by the committee in July showed that the 24 largest Federal agencies trended toward lower grades across several IT-related performance categories. However, the 15th edition of the FITARA Scorecard issued in December by the committee revealed that the IT-related gradings for the largest Federal government agencies moved moderately higher. In both instances, the committee is still sorting through how to get a better fix on agency cybersecurity performance.
VA Pauses EHRM Deployments to June 2023
The Department of Veterans Affairs (VA) has faced a troubled rollout of its Electronic Health Records Modernization (EHRM) program this year, amid congressional scrutiny over program missteps and complaints from frontline staff. However, the VA made the decision in October to delay further deployments of its Oracle Cerner EHR system until June 2023 to address concerns with the system, assess performance, and ensure it functions effectively for veterans and VA health care personnel.
DoD Releases Long-Awaited Zero Trust Strategy
In November, the Department of Defense (DoD) released its long-anticipated zero trust strategy and roadmap outlining how the agency plans to fully implement a department-wide zero trust cybersecurity framework by fiscal year (FY) 2027. DoD CIO John Sherman first announced DoD’s intention to implement a department-wide zero trust architecture in late August. Sherman acknowledged that the plan is ambitious, but that it had to be because current and future cyber threats and attacks have driven the need for a zero trust approach that goes beyond the traditional perimeter defense approach.
Senate and House Pass FY2023 NDAA – Biden Up Next
Both the Senate and House have voted to approve the FY2023 National Defense Authorization Act (NDAA), which green-lights $847 billion of spending for defense-related purposes, and includes numerous technology and cybersecurity provisions. Notably, the FY2023 NDAA features legislation to codify into law and update the Federal Risk and Authorization Management Program (FedRAMP). It also includes numerous cybersecurity-related provisions and funding bumps for a variety of DoD security functions. President Biden was expected to sign the NDAA bill sometime last week.
This year was an election year, and the 2022 midterm elections revealed that the outlook is strong for continued and relatively bipartisan work on both Federal IT and cybersecurity topics. While ideology and political rancor won’t likely derail work on the tech front, finding robust new funding for Federal IT and cybersecurity issues may become more of an uphill climb with Republicans controlling the House. At the same time, both sides of the aisle are hungry to learn more about the scale of improvements that can be expected from the last two years of investments in IT and security improvements, so the next two years are a good bet to feature more intensive oversight.
Happy Holidays from MeriTalk! We wish you a cyber-safe and secure holiday season and can’t wait to see what 2023 brings.