Cybersecurity issues are likely to be front and center at the House Government Operations Subcommittee’s Dec. 15 hearing at which the panel will unveil the 15th edition of the House Oversight and Reform Committee’s FITARA (Federal Information Technology Acquisition Reform Act) Scorecard.
The scorecard grades the 24 largest Federal government agencies for improvements on a range of IT and cybersecurity-related categories. The grades are determined by subcommittee leaders with input from the Government Accountability Office (GAO).
The witness list for the hearing at 9:00 a.m. notably features Federal Chief Information Security Officer (CISO) Chris DeRusha.
He will be joined by Jason Gray, who became chief information officer (CIO) at the U.S. Agency for International Development earlier this year after a long stint as CIO at the Department of Education.
Also testifying will be Carol Harris and Jennifer Franks, both directors of information technology and cybersecurity at GAO.
At the subcommittee’s hearing in late July to review the results of the 14th edition of the FITARA Scorecard, members from both sides of the aisle complained about a lack of sufficient data to determine how Federal agencies were performing on the cybersecurity front.
Some committee members faulted the Office of Management and Budget (OMB) for failure in its statutory obligation to deliver key agency-specific cybersecurity data derived from compliance with the Federal Information Systems Management Act (FISMA), and subcommittee Chairman Gerry Connolly, D-Va., chided the Biden administration for not producing timely agency-level security data.
Rep. Connolly said in July he was looking forward to capturing better cybersecurity data, and GAO’s Harris said her agency was working with OMB to do the same. For its part, OMB indicated it was still working on determining what data it could make public without putting agency security at risk. The subcommittee chairman said he was hopeful that the dearth of cyber-related data would not be long-lasting.