Information security remains a prevalent concern for the State Department based on numerous previous recommendations regarding fundamental information technology-related issues that still require close attention, according to a recent agency Office of Inspector General (OIG) report.

The report assesses 107 unclassified, open OIG recommendations from 19 reports addressed to the Bureau of Information Resource Management (IRM) as of July 30, 2021. OIG found that IRM had addressed three of the 107 recommendations and closed one duplicative recommendation related to risk management, one related to data protection and privacy, and one related to general IT policies. Additionally, OIG closed 14 recommendations in August 2021 as part of its normal compliance process.

However, the remaining 90 recommendations – 57 percent of which dated back to fiscal 2019 or earlier – remain relevant and require “close attention to close them,” the report read.

A larger number of the recommendations involve configuration management of products and systems to ensure information security. The other unaddressed recommendations pertain to several areas including as risk management, IT investments, contingency planning, and shared services.

To facilitate closing the remaining recommendations addressed to IRM, OIG made two recommendations to Carol Perez, the agency’s under secretary for management. OIG recommended her office develop a method for periodically reviewing IRM’s efforts – and indicated that step has since been taken.

OIG also recommended that Perez’s office verify IRM plans of action and milestones (POA&M) documented for all 90 recommendations. However, Perez disagreed with that recommendation, explaining that if the end goal is for IRM to solve open recommendations, developing an individual action plan for each recommendation is “overly cumbersome.”

“IRM’s staff, time, and resources are better spent working on compliance-related activities, maintaining a high standard of day-to-day operations, and communicating directly with OIG,” Perez wrote in her response to OIG.

However, OIG argued that under guidance from the National Institutes of Standards and Technology, agencies are required to develop a POA&M, and that Perez must submit a POA for the recommendation. […]

The Department of State is developing a suite of multiple-award contracts to modernize its end-to-end information technology (IT) service delivery that could be worth up to $8 billion. […]

The State Department’s Office of Inspector General (OIG) said in a new report that it found deficiencies in State’s reporting of security clearance data to the Office of the Director of National Intelligence (ODNI) during fiscal year 2019. […]

The State Department’s new Enterprise Data Strategy released on September 27 outlines the central role that data will play in the agency’s use of emerging technologies, and how the strategy will help the United States deal with global threats. […]

The U.S. Department of State awarded AT&T a $609 million 5-year task order to provide telecommunication support to the Department’s vast network of more than 270 diplomatic posts and operational sites worldwide. […]

The State Department is taking a mission-oriented mindset when deploying cloud services to operate effectively within a multi-cloud environment and to avoid unnecessary costs, an agency official said on August 26 during an FCW webinar.  […]

The State Department’s Office of the Science and Technology Adviser (STAS) has been an asset for the State Department in the ten years since its inception. Still, a failure to develop implementation plans and constant personnel and leadership turnover hampered the agency’s overall effectiveness, according to a recent audit from the department’s Office of Inspector General (OIG). […]

The State Department’s Office of Inspector General (OIG) has found in a follow-up audit that the agency’s Bureau of Information Resource Management (IRM) has taken corrective action on one of several recommendations the OIG made in 2016 to improve IT management practices, but said the bureau still has work to do on another four recommendations. […]

While the State Department Office of Technology Services’ (OTS) information system processes were compliant with many Department of State and Federal standards, there were some significant areas that require management attention, according to a new report from the Office of Inspector General (OIG). […]

The Department of State is eyeing its Enterprise Vulnerability Scanning Solution (EVSS) for a “technical refresh” to ensure cybersecurity officials at the agency can keep pace with vulnerabilities on State Department networks. […]

The State Department’s Bureau of Information Resource Management (IRM) is seeking a new acquisition strategy and intends to award a multiple award indefinite delivery, indefinite quantity (IDIQ) contract worth up to $4 billion. […]

The White House said March 26 that President Biden plans to nominate Brett Holmgren to become assistant secretary of State for Intelligence and Research.  […]

The COVID-19 pandemic “exponentially accelerated” the pace of change in government IT – including the move to hybrid cloud infrastructures – and increased data sharing at Federal agencies like the State Department, government and industry officials said. […]

The U.S. Department of State streamlined workflows and accelerated application development timelines with a cloud-based service management solution to support the needs of a remote workforce during the coronavirus pandemic. […]

A bipartisan group of senators led by Sen. Mark Warner, D-Va., on March 4 introduced the Democratic Technology Partnership Act, which would create an interagency effort aimed at forming technology partnerships among democratic countries to counter Chinese tech dominance. […]

Vice Admiral Nancy Norton will hand over command of the Defense Information Systems Agency (DISA) and Joint Force Headquarters Department of Defense Information Network (DODIN) on Feb. 26, the admiral said today. […]

Ian Wallace has joined the State Department to serve as a senior advisor for the Office of the Coordinator for Cyber Issues (S/CCI). Wallace tweeted that his new role will focus on cyber capacity building. […]

The Department of State had notified Congress in 2019 of its plans to create a bureau within the department to focus on cybersecurity, but a lack of data and evidence to justify the proposal may halt its progress. […]

With the Biden administration taking office Jan. 20, the Federal CIO Council has named acting CIOs at five of the seven agencies where the position is helmed by political appointees who are obliged to step down at the end of presidential administrations. […]

Four lawmakers are criticizing Secretary of State Mike Pompeo’s approval of a new cybersecurity and emerging technologies bureau and calling for President-elect Joe Biden to hit pause when he is sworn in and takes office. […]

Secretary of State Mike Pompeo approved the establishment of the Bureau of Cyberspace Security and Emerging Technologies (CSET) within the Department of State on Thursday to lead diplomatic efforts to deflect cyberattacks from foreign countries.  […]

The State Department has kicked off the new year with a bang. The Department announced on Jan. 4 that it has appointed Dr. Matthew Graviss as its first-ever Chief Data Officer (CDO). Graviss will lead the Office of Management Strategy and Solution’s Center for Analytics (CfA), which is the State’s enterprise data capability. […]

While larger Federal government agencies had the resources necessary to facilitate a shift to large-scale telework earlier this year, some smaller agencies had a more difficult time mounting similar efforts, a State Department official said at a Dec. 9 AFCEA Bethesda webinar. […]

The Government Accountability Office (GAO) today reported results of its review of Federal agency efforts to reduce IT contracts duplication, and found that four of the seven agencies reviewed had fully or partially taken recommended steps to regularly identify potential contract duplication. […]

The three biggest linchpins for the Department of State’s successful implementation of telework across the enterprise each involve longer-term IT investments that the agency was able to make prior to the coronavirus pandemic, and each of those investments has paid big dividends in agency performance since March. […]

As the U.S. faces increased foreign cyber threats, the Department of State said in 2019 that it would stand up a Bureau of Cyberspace Security and Emerging Technologies (CSET) to address these threats, but according to the Government Accountability Office (GAO), State hasn’t informed or involved other partners in the bureau planning, which could increase risks of duplicating efforts. […]

Worldwide traveling restrictions have limited the Department of State’s progress for its Agency Priority Goal Action Plan of enhancing security monitoring solutions, the agency reported in a September update to its PMA goals. […]

Despite the disruption caused by the COVID-19 pandemic, the Department of State has managed to meet or be on track for the majority of its Q3 FY2020 goals set in its Agency Priority Goal Action Plan for IT Modernization as part of the President’s Management Agenda (PMA). […]

The Federal Communications Commission has scheduled a Forum on 5G Open Radio Access Networks (Open RAN) for September 14. […]

A Department of State program is offering up to $10 million to help identify bad actors, individuals who are working with or for a foreign government with the purpose of interfering with U.S. elections through certain cyber acts. […]