Before diving into our last edition of our weekly newsletter for 2024, I and my colleagues at W2 Communications would like to express appreciation for the interest we’ve received in these weekly updates and to thank our subscribers for their continuing interest. We look forward to more engagement with you in the coming year.
This week, I’m providing a roundup of the week’s news in two areas of tech that have dominated the government tech media’s attention this year: AI and cybersecurity.
AI Growth Across Government
It’s no exaggeration to say that the use of AI in the government exploded this year, both at the federal and state/local levels. Here are the latest headlines:
- The Office of Management and Budget reported this week that the number of federal government use cases for AI doubled to more than 1,700, according to an article by Cate Burgan for MeriTalk. However, Alexandra Kelley noted in her reporting for Nextgov/FCW that discrepancy in how agencies report AI risk mitigation remains a concern. In FedScoop, Madison Alder reported that most uses were focused on mission enablement, health and medical applications, and government services such as benefits and service delivery.
- In one of the more broadly publicized examples of new AI use cases, the Department of Homeland Security (DHS) unveiled a new chatbot that employees will use to help draft reports, summarize critical information, develop software and more, as described by Edward Graham in Nextgov/FCW. Weslan Hansen wrote in MeriTalk that the app is based on commercial generative AI tools like ChatGPT. Rebecca Heilweil covered the story for FedScoop and also provided a broader look at the nearly 160 AI applications currently in use at DHS.
- In other (and less positive) DHS AI news, Heilweil reported in FedScoop that the Government Accountability Office issued a report this week noting that DHS has to do a better job of getting agencies to assess AI-related risk within their operations.
- Looking at AI news from Capitol Hill, Caroline Nihill of FedScoop reported that the House AI task force issued a nearly 300-page report this week detailing recommendations to Congress to guide government adoption of AI. In her article for Nextgov/FCW, Kelley noted that the report seeks to balance the need for innovation with unintended negative outcomes. In MeriTalk, Hansen wrote that the task force is seeking a more “agile approach” to government AI adoption.
- In Defense Department AI news, Patrick Tucker at Defense One shared a thoughtful feature on whether the growth of military AI will herald “an era in which software firms seize the influence now held by old-line defense contractors.” And Brandi Vincent reported in DefenseScoop that changes are afoot at the Pentagon’s Chief Digital and AI Office to help meet AI demand from across the department.
New Cybersecurity Guidance
As the year comes to a close, cybersecurity laws, mandates and guidance continue to come to the fore:
- David DiMolfetta reported in Nextgov/FCW on Congress passing the 2025 National Defense Authorization Act with several cybersecurity-related provisions focused on aiding U.S. allies and improving cyber defense at home. In MeriTalk, Lisbeth Perez noted that the bill includes some AI-related provisions as well.
- In related Defense cybersecurity news, Perez also reported that the Cybersecurity Maturity Model Certification (CMMC) rule for assessing Defense cybersecurity requirements passed congressional review and is now officially complete. Jon Harper covered the development for DefenseScoop, reporting that defense contractors working with controlled unclassified information will now be required to meet various levels of compliance, depending on the type of information they handle.
- In another widely reported story, the Cybersecurity and Infrastructure Security Agency (CISA) issued new guidelines to agencies related to the implementation of secure practices for cloud services, according to a piece by Matt Bracken for CyberScoop. In coverage for Federal News Network, Justin Doubleday wrote that the guidance requires agencies to fix security gaps in their Microsoft 365 applications and other widely used cloud computing applications. Grace Dille also reported in MeriTalk that agencies are directed to deploy CISA-developed automated configuration assessment tools to meet baseline requirements.
- We also saw a burst of CISA coverage from commercial tech publication Security Week, where Ionut Arghire wrote about the cloud security directive as well as an article on CISA’s release of a new draft national cyber incident response plan and another on CISA and EPA guidance to water facilities to improve cyber protection of internet-connected assets.
- And let’s not forget Salt Typhoon. In the wake of this widely reported telecom breach, CISA issued guidelines Wednesday to safeguard the mobile communications of high-level government employees, reported in CyberScoop by Greg Otto. Burgan’s article in MeriTalk on the guidance listed eight best practices recommended by CISA. In industry trade publication TechCrunch, Carly Page wrote that the guidance calls on officials to use advanced security features and end-to-end encryption in their devices.
Gov & Beyond
This week, there’s a new episode of the W2 Communications Gov & Beyond podcast featuring an extremely informative and enjoyable interview with Nick Wakeman and Ross Wilkers of Washington Technology. You’ll hear all about what they’ve learned from their reporting over the years and what they are looking forward to in 2025.
Speaking of Washington Technology, you should also check out the insights offered by W2 Communications’ own Evan Weisel in an opinion piece on the importance of thought leadership in the government technology market.
That wraps it up for 2024. We look forward to continuing to keep you apprised on trends in the government tech news media in 2025 and beyond. I’ll be back in January with my next roundup. In the meantime, we wish you a very happy holiday season.