
Former FEMA leaders call for ‘clarity’ amid delayed council report

The future of the Federal Emergency Management Agency remains up for debate after the Trump administration recently delayed a long-anticipated report from the FEMA Review Council.

Former leaders at FEMA say they expected the council’s report to bring much-needed clarity to the administration’s plan for an agency that has already undergone dramatic changes over the last 11 months.

“I was really eager to see what they were going to put forward, because I think that they were really trying to make a difference,” Deanne Criswell, who served as FEMA administrator during the Biden administration, said during a Monday webinar hosted by the Carnegie Endowment for International Peace.

“I think where it leaves us now, at the end of the year, is still just wondering what is going to be next. What is going to be the future of FEMA as we go forward?” Criswell said. “It just leaves so much uncertainty, as states and locals are trying to plan for their next year, as well as the federal government trying to plan for their budget.”

Pete Gaynor, who served as FEMA administrator during the first Trump administration, said he expected the council’s report to serve as a “north star” for the agency.

“It was going to offer clarity,” Gaynor said. “It was going to offer predictability to FEMA and to the entire emergency management enterprise that we were going to go somewhere transformative. And it hasn’t happened, at least not yet. And I guess the biggest takeaway is, without the report, what happens next?”

The council was set to unveil the report and vote on it at a meeting Friday afternoon. But the meeting was abruptly cancelled late that morning, reportedly over White House concerns about a leaked draft of the report.

The document was first obtained by CNN. The news outlet reported that the draft recommendations include sweeping reforms to FEMA, including cutting the agency’s workforce by 50% and shifting some non-disaster management responsibilities to other entities.

FEMA changes spark pushback

The last-minute delay comes after a year of change for FEMA.

President Donald Trump established the council earlier this year to recommend FEMA reforms. He has repeatedly alluded to eliminating the agency outright. As recently as June, he said the administration wanted to “wean off of FEMA, and we want to bring it back to the state level.”

Homeland Security Secretary Kristi Noem, who serves as co-chairwoman of the council, has echoed Trump’s calls about eliminating FEMA. But in more recent appearances and council meetings, Noem has turned to calling for the agency to be “eliminated as it exists today.”

FEMA has also had three separate acting leaders over the last 11 months. Thousands of FEMA staff have departed the agency since the spring, driven by changes under Noem that have drawn criticism from some remaining employees.

Gaynor said FEMA also needs “a professional, well-respected, well-experienced emergency manager” leading the agency.

“The FEMA administrator job is incredibly hard, incredibly satisfying, but if you don’t have the right person in there, I’m not sure how you actually achieve reform, and I’m not really sure how you get your employees to follow you in that reform,” he said. “Because you’re going to need every single person that works for that agency, and every single person that is connected to the emergency management enterprise, to follow along.”

An independent FEMA?

Meanwhile, some House lawmakers are advancing the bipartisan Fixing Emergency Management for Americans Act. The bill would make FEMA an independent agency, moving it out from under the Department of Homeland Security. It also aims to streamline and overhaul FEMA’s disaster management programs and processes to more quickly deliver aid to communities and individuals.

The draft FEMA Review Council report obtained by CNN, meanwhile, would keep the agency under the umbrella of DHS.

Criswell endorsed the idea of making FEMA an independent agency.

“If the FEMA administrator was elevated to a cabinet level, pulled out of DHS, they would have greater ability to coordinate those other secretaries, those other cabinet-level entities to accomplish their mission and long-term recovery,” she said.

Gaynor opposes it, calling such a move a “gigantic distraction.”

“There’s many more things that are important to reforming FEMA, and where FEMA sits exactly, I’m not sure that really counts as true reform,” Gaynor said.

Danielle Aymond, a disaster recovery and FEMA funding specialist at the law firm Baker Donelson, pointed out that the Trump administration likely has a desire to “move fast” with FEMA reform. She said it will be crucial for the White House and Congress to work together to iron out any differences between their proposals.

“The most critical point is, in the next few weeks, aligning this FEMA Review Council draft with the current pending legislation in Congress, and I think we can hit the accelerator and before [next] hurricane season, have a totally reformed system through that vehicle,” Aymond said.

The post Former FEMA leaders call for ‘clarity’ amid delayed council report first appeared on Federal News Network.

© AP Photo/Jacquelyn Martin

FILE - President Donald Trump speaks at the Federal Emergency Management Agency (FEMA), Sept. 1, 2019, in Washington. (AP Photo/Jacquelyn Martin, File)

DHS moves to eliminate TSA collective bargaining agreement, again

The Department of Homeland Security is again moving to rescind a collective bargaining agreement with Transportation Security Administration employees, despite an ongoing court case over DHS’ prior move to eliminate the TSA union agreement.

In a Dec. 12 press release, TSA announced that a new “labor framework” would be implemented starting Jan. 11, 2026. The framework rescinds the 2024 CBA between TSA and the American Federation of Government Employees, the agency said.

TSA said the decision is based on a Sept. 29 determination by Homeland Security Secretary Kristi Noem, “Eliminating Collective Bargaining at TSA Due to its Incompatibility with TSA’s National Security Mission and its Adverse Impact on Resources, Flexibility, Mission Focus, Security Effectiveness, and Traveler Experience.”

TSA said Noem’s determination — which it did not release — “establishes that employees performing security screening functions … have a primary function of national security and shall not engage in collective bargaining or be represented for any purposes by any representative or organization.”

Noem also determined that collective bargaining for TSA officers “is inconsistent with efficient stewardship of taxpayer dollars and impedes the agility required to secure the traveling public,” according to the agency statement.

“Our Transportation Security Officers (TSOs) need to be focused on their mission of keeping travelers safe not wasting countless hours on non-mission critical work,” Adam Stahl, senior official performing the duties of TSA deputy administrator, said in the press release. “Under the leadership of Secretary Noem, we are ridding the agency of wasteful and time-consuming activities that distracted our officers from their crucial work.”

AFGE quickly criticized TSA’s announcement. AFGE represents approximately 47,000 airport screeners under the CBA.

“Merely 30 days ago, Secretary Noem celebrated TSA officers for their dedication during the longest government shutdown in history,” AFGE National President Everett Kelley said as part of a statement. “Today, she’s announcing a lump of coal right on time for the holidays: that she’s stripping those same dedicated officers of their union rights.”

AFGE noted that a federal judge earlier this year blocked DHS from dissolving the collective bargaining agreement. The union had brought the lawsuit in response to a previous determination issued by Noem that sought to dissolve the CBA.

In granting the preliminary injunction in June, the judge presiding over the case wrote that Noem’s previous attempt to dissolve the CBA “appears to have been undertaken to punish AFGE and its members because AFGE has chosen to push back against the Trump Administration’s attacks to federal employment in the courts.”

That ongoing case is currently scheduled to go to trial next September.

Kelley said AFGE “will continue to challenge these illegal attacks on our members’ right to belong to a union.” He also urged the Senate to pass the Protect America’s Workforce Act “immediately.”

TSA staff don’t have the same statutory rights as other federal employees under Title 5 of U.S. Code. But in response to longstanding concerns about TSA attrition, then-TSA Administrator David Pekoske in 2022 issued a determination that expanded collective bargaining at the agency to mirror the bargaining rights under Title 5.

TSA and AFGE then negotiated and signed a seven-year collective bargaining agreement last year. The agreement established a streamlined process for grievance and arbitration, expanded official time, fewer restrictions on sick leave, increased uniform allowances and opportunities for local collective bargaining.

In a statement today, AFGE Council 100 President Hydrick Thomas called the decision to revoke the CBA a “slap in the face” to TSA employees.

“Prior to having a union contract, many employees endured hostile work environments and workers felt like they didn’t have a voice on the job, which led to severe attrition rates and longer wait times for the traveling public,” Thomas said. “Since having a contract, we’ve seen a more stable workforce, and there has never been another aviation-related attack on our country.”

In its statement, TSA said that agency policy will govern “employment matters previously addressed by the 2024 CBA, and TSA policy will provide for alternative procedures to ensure that employee voices are heard and that legitimate concerns are resolved quickly.”


© The Associated Press

FILE - Transportation Security Administration agents process passengers at the south security checkpoint at Denver International Airport in Denver on June 10, 2020. The chief of the TSA said Tuesday, May 10, 2022, that his agency has quadrupled the number of employees who could bolster screening operations at airports that become too crowded this summer. (AP Photo/David Zalubowski, File)

FedRAMP at the center of DoJ’s latest cyber fraud allegations

A former Accenture employee has been charged with allegedly misleading federal officials about the security of a cloud platform used by the Army and other agencies.

In an indictment secured by the Justice Department this week, Danielle Hillmer was charged with multiple counts of fraud over allegations that she concealed a cloud platform’s noncompliance with security controls required by the General Services Administration’s Federal Risk and Authorization Management Program (FedRAMP).

DoJ’s press release on the indictment states GSA’s Office of the Inspector General has been involved in the investigation.

The indictment doesn’t identify the cloud platform or company that Hillmer worked for at the time of the alleged fraud and obstruction. DoJ’s allegations cover a period between March 2020 and November 2021.

But Hillmer’s LinkedIn shows that during the time in question, she worked for Accenture Federal Services as “lead, cloud managed services” and “business and system owner, cloud management platform services.”

A copy of Hillmer’s LinkedIn profile, which was taken offline this week, shows she left Accenture in December 2021 and was most recently a “senior product manager for public sector” at SentinelOne.

“As previously disclosed in our public filings, we proactively brought this matter to the government’s attention following an internal review. We have cooperated extensively with the government’s investigation and continue to do so,” an Accenture spokeswoman told Federal News Network. “We remain dedicated to operating with the highest ethical standards as we serve all our clients, including the federal government.”

In an Oct. 12, 2023, filing with the Securities and Exchange Commission, Accenture referenced how it made a voluntary disclosure to the government that initiated a DoJ investigation “concerning whether one or more employees provided inaccurate submissions to an assessor who was evaluating on behalf of the U.S. government an AFS service offering and whether the service offering fully implemented required federal security controls.”

“AFS is responding to an administrative subpoena and cooperating with DOJ’s investigation,” AFS wrote at the time.

A spokesman for SentinelOne noted that Hillmer left her position at the company this past August and said DoJ’s allegations have “nothing to do with her work at SentinelOne.”

“In her previous role at SentinelOne, she was not involved in any compliance related work for FedRAMP or any other program,” the spokesman added.

The indictment alleges that in March 2020, Hillmer sought to “uplift” the cloud platform in question from a FedRAMP Moderate to a High authorization, driven by recently awarded Army contracts that required FedRAMP High.

DoJ alleges that Hillmer ignored warnings from a fellow employee and an outside firm that the cloud platform wasn’t compliant with security controls required for a FedRAMP High authorization.

For instance, the indictment alleges that Hillmer was aware that system administrators could access the cloud platform without “necessary” multifactor authentication controls in place.

DoJ alleges Hillmer “concealed known issues” from assessors and authorizing officials, as well as submitted materials to FedRAMP and the Joint Authorization Board “knowing they contained materially false and misleading representations about the platform’s architecture, implementation of security controls and risk posture.”

In July 2021, the FedRAMP program granted the cloud platform a FedRAMP High provisional authority-to-operate (P-ATO), according to DoJ’s indictment. It says at least six departments and agencies, including the Army, used or planned to use the P-ATO to obtain authorizations for cloud products and services. The contracts or subcontracts involved were valued at more than $250 million, according to DoJ.

The criminal charges against Hillmer carry heavy weight, with the wire fraud charge alone carrying a maximum of 20 years in prison.

Lawyers representing Hillmer didn’t respond to an emailed request for comment.

The case is notable, as DoJ has increasingly pursued legal action to enforce federal cybersecurity requirements. DoJ’s Civil Cyber-Fraud Initiative has resulted in multiple False Claims Act settlements with companies for allegedly failing to meet contractual security requirements.

However, a criminal case targeting an individual employee for allegedly misrepresenting security controls will be closely watched in the FedRAMP community.

Most conversations around the cloud security program in recent years have focused on streamlining the FedRAMP process, which is often considered a barrier to agencies accessing new technology.


CISA looks for ‘deep engagement’ with innovators via new platform

The Cybersecurity and Infrastructure Security Agency doesn’t want to leave companies hanging when they reach out to CISA with an important innovation or technology development.

That’s a key reason why CISA earlier this month launched an Industry Engagement Platform, referred to as the IEP. The website provides an external portal where companies, nonprofits, academia and others can sign up to share information with the agency.

“We want deep engagement with the private sector technology innovators, and it can sometimes be hard to schedule meetings with the government or share what you’ve been working on,” Bob Costello, CISA’s chief information officer, said in a recent interview with Federal News Network.

Costello said CISA started work on the platform earlier this year with the goal of improving that process. He said the design of the IEP is based on widely used tax preparation services, with easily fillable fields and the ability to suggest meeting times with CISA staff across different divisions, depending on the topic.

“What we’re going to see first and foremost is hopefully shifting to the left or a shorter time period from when a vendor contacts us, to us expressing interest in the scheduling of that meeting, because we have the system handling all of that,” Costello said.

He said the new platform augments the more traditional ways CISA engages with outside organizations, such as requests for information or industry days. The goal is also to help smaller companies get in touch with the agency.

“I do see it as advancing our transparency and accessibility to working with us,” he said. “So much innovation happens in the private sector, as well as in research labs and elsewhere. But we really want to hear from all those innovators that maybe sometimes just don’t even know how to contact us.”

The new platform should also eventually give CISA a wealth of analytics on companies, technologies and sectors it engages with, Costello said. Tracking that engagement over time should also help the agency, he added.

“Maybe one group’s interested, or we see something here, but it’s not quite ready for an investment,” Costello explained. “Come back and talk to us in six months, and then we’re able to actually kind of track that progress in the system as well, too. I think that that’s very helpful overall to that business relationship that we have with industry.”

The cyber agency, which provides a range of cybersecurity and infrastructure services to government and industry, is interested in hearing about innovations in IT and security controls, data analytics, post-quantum security and artificial intelligence.

As the CIO, Costello said he’s particularly interested in automated testing solutions.

“There’s a lot of good work being done on automated testing of IT solutions. Automated or AI-based red teaming of systems is very interesting to us,” he said. “And not just vulnerability scanning, but helping to determine if your system or asset is actually vulnerable to the vulnerability that’s being disclosed, or if you have other compensating controls in place that make it so that patching within 10 minutes is not really required … That’s the next generation of understanding how we do vulnerability management.”

Meanwhile, the engagement platform is a step toward eventually needing just one account to work with CISA, Costello said. Right now, the agency’s various cybersecurity services, for instance, all have different sign-up portals.

The agency also runs a voluntary cyber incident reporting portal. But under a rule scheduled to be finalized next May, thousands of companies across critical infrastructure sectors will be required to report cyber incidents to CISA, markedly increasing the number of reports the agency will receive.

“We are hoping to come in time where reporting to CISA or sharing information to CISA can happen across automated systems, while always maintaining that capability for a human to share information with us,” Costello said. “I’d really like us to start driving in [fiscal] 26, and we have a lot of really great ongoing initiatives, to get to that more automated sharing of large scale information.”


Risk and Compliance 2025 Exchange: Diligent’s Jason Venner on moving beyond manual cyber compliance

The Pentagon is taking a major step forward in modernizing how it addresses cybersecurity risks.

Defense Department officials have emphasized the need to move beyond “legacy shortcomings” to deliver technology to warfighters more rapidly. In September, DoD announced a new cybersecurity risk management construct to address those challenges.

“The previous Risk Management Framework was overly reliant on static checklists and manual processes that failed to account for operational needs and cyber survivability requirements,” DoD wrote at the time. “These limitations left defense systems vulnerable to sophisticated adversaries and slowed the delivery of secure capabilities to the field.”

Weeding through legacy manual processes

The legacy of manual processes has built up over decades. Jason Venner, a solutions sales director at Diligent, said agencies have traditionally relied on people and paperwork to ensure compliance.

“It’s no one’s fault,” Venner said during Federal News Network’s Risk & Compliance Exchange 2025. “It just sort of evolved that way, and now it’s time to stop and reassess where we’re at. I think the administration is doing a pretty good job in looking at all the different regs that they’re promulgating and revising them.”

Venner said IT leaders are interested in ways to help streamline the governance, risk and compliance process while ensuring security.

“Software should help make my life easier,” he said. “If I’m a CIO or a CISO, it should help make my life easier, and not just for doing security scans or vulnerability scans, but actually doing IT governance, risk and compliance.”

Katie Arrington, who is performing the duties of the DoD chief information officer, has talked about the need to “blow up” the current RMF. The department moved to the framework in 2018 when it transitioned away from the DoD Information Assurance Certification and Accreditation Process (DIACAP).

“I remember when we were going from DIACAP to RMF, I wanted to pull my hair out,” Arrington said earlier this year. “It’s still paper. Who reads it? What we do is a program protection plan. We write it, we put it inside the program. We say, ‘This is what we’ll be looking to protect the program.’ We put it in a file, and we don’t look at it for three years. We have to get away from paperwork. We have to get away from the way we’ve done business to the way we need to do business, and it’s going to be painful, and there are going to be a lot of things that we do, and mistakes will be made. I really hope that industry doesn’t do what industry tends to do, [which] is want to sue the federal government instead of working with us to fix the problems. I would really love that.”

Arrington launched the Software Fast Track initiative to once again tackle the challenge of quickly adopting secure software.

Evolving risk management through better automation, analytics

DoD’s new risk management construct includes a five-phase lifecycle and then core principles, including automation, continuous monitoring and DevSecOps.

Arrington talked about the future vision for cyber risk management within DoD earlier this year.

“I’m going to ask you, if you’re a software provider, to provide me your software bill of materials in both your sandbox and production, along with a third-party SBOM. You’re going to populate those artifacts into our Enterprise Mission Assurance Support Service,” she said. “I will have AI tools on the back end to review the data instead of waiting for a human and if all of it passes the right requirements, provisional authority to operate.”

Venner said the use of automation and AI rests on a foundation of data analytics. He argued the successful use of AI for risk management will require purpose-built models.

“Can you identify, suggest, benchmark things for me and then identify controls to mitigate these risks, and then let me know what data I need to monitor to ensure those controls are working. That’s where AI can really accelerate the conversation,” Venner said.


Risk & Compliance Exchange: Cyber AB’s Matt Travis on scaling the CMMC ecosystem

The Cybersecurity Maturity Model Certification program is officially off the ground.

CMMC is the Pentagon’s program to evaluate whether defense contractors are following requirements for protecting controlled unclassified information. The cybersecurity requirements, based on National Institute of Standards and Technology controls, have been in Defense Department contracts since 2016.

It took years for CMMC to become a reality. But the final rule to implement CMMC into contractual requirements took effect Nov. 10. The rule establishing CMMC as a program had already gone into effect last year.

DoD has a phased implementation plan for the program. During Phase 1, over the next year, the department will largely require CMMC self-assessments from contractors. But DoD programs have the discretion to require Level 2 CMMC third-party assessments over the next year as needed.

Tackling third-party CMMC assessments

During Phase 2, starting next November, those third-party assessments will become standard in applicable contracts.

Those third-party assessments are a key facet of the CMMC program and its goal to ensure defense contractors follow cybersecurity requirements.

The Cyber Accreditation Body is responsible for authorizing the CMMC third-party assessment organizations (C3PAOs) that will carry out those independent assessments. And Matthew Travis, CEO of The Cyber AB, said work is well underway to build out the scaffolding that will support the CMMC program.

“If there’s any remaining skepticism of whether or not the department was serious about this conformity regime, you can now just look at the Code of Federal Regulations and see both rules there,” Travis said during Federal News Network’s Risk & Compliance Exchange 2025. “Now, the real challenge is to scale the ecosystem.”

‘Impending bow wave’

So far, just under 500 defense contractors have voluntarily achieved a Level 2 CMMC certification, Travis shared.

But the Pentagon has estimated that the requirement for a Level 2 third-party assessment could apply to as many as 80,000 companies as CMMC is phased in.

“I am concerned about the impending bow wave that I think we’ll see in demand,” Travis said.

Some C3PAOs already have a backlog of assessments that stretch into next year.

“Now is the time to move if you’re ready,” Travis added. “People are going to start racing to the checkout line, and it’s going to be a wait. So move now if you’re ready, and if you’re not ready, get ready, because the sooner you do it, the sooner you’ll be able to get a slot.”

Among the voluntary Level 2 assessments that have occurred to date, Travis said “false starts” have been an issue for some organizations.

“We heard frequently from the C3PAOs that they had to call it off mutually once the organization seeking certification realized all the things that they hadn’t fully done,” Travis said. “And the C3PAO said, ‘We might want to pause here. Go back to work and call us when you’re ready.’ ”

Travis said the 110 requirements under Level 2 go beyond technical controls.

“It does require an organizational commitment,” he said. “There are physical security requirements, there are training requirements that human resources has to be involved in. There are leadership requirements in terms of resourcing.”

Another key lesson gleaned from early assessments is the need for companies to understand their external service providers. Travis said most organizations rely on cloud service providers or managed service providers for many IT and cybersecurity needs.

But whether they’re a CSP or an MSP — and to what extent they are involved in an organization’s handling of controlled unclassified information — are crucial questions in a CMMC assessment.

“Knowing who’s helping you and knowing your organization is fully committed are probably the two biggest takeaways that we’re hearing from industry,” Travis said.

CMMC’s ‘long pole in the tent’

The Cyber AB, through its no-cost contract with the Pentagon, is responsible for authorizing C3PAOs and certifying the people who conduct CMMC assessments.

Travis said there are just under 600 certified CMMC assessors today. Half of them are eligible to lead assessment teams.

But to meet the envisioned scale of the CMMC program — evaluating tens of thousands of defense contractors annually — Travis estimates there’s a need for between 2,000 and 3,000 assessors.

“That’s the most important part of the ecosystem that has to be grown. … That’s a long pole in the tent,” Travis said.

Initially, the challenge in building a pool of assessors was DoD’s drawn-out rulemaking process: There was no financial incentive to become an assessor with no CMMC requirements on the horizon.

But Travis said the challenge now is getting CMMC assessors through the process quickly enough as DoD phases in the requirements. The process of becoming an assessor involves training, exams and passing a Tier 3 DoD background investigation, which is equivalent to being investigated for a secret-level security clearance. Those investigations can often take months.

Travis said assessors don’t necessarily need to start with a technical background. He pitched it as a “great way for folks to get engaged in cybersecurity.”

“Whether it’s a full time job or a side hustle, these assessors are going to be in demand,” Travis said. “And so the compensation that goes with it, I think, is compelling. We are encouraging folks, if they haven’t considered entering into the CMMC program, think about becoming an assessor.”


What happens next with shutdown Hatch Act complaints?

Investigators at the Office of Special Counsel returning to their jobs earlier this month would likely have been greeted with multiple Hatch Act complaints after a wave of alleged partisan political messaging by federal agencies during the shutdown.

Throughout the 43-day shutdown, multiple agencies posted messages on their websites blaming the shutdown on the “radical left,” “Democrats” and other politically tinged phrases.

Those actions immediately drew multiple Hatch Act complaints. The 1939 law restricts political activities by federal employees and is intended to ensure the nonpartisan administration of government programs.

The Education Department also changed furloughed employees’ out-of-office email replies to blame the shutdown on “Democrat senators.” A federal judge earlier this month found that the agency had violated employees’ First Amendment rights. Education was forced to change the out-of-office reply shortly before the shutdown ended.

“In this compressed timeframe, we haven’t seen this level of potential Hatch Act violations with regards to just changing emails, publishing these notices on the government websites and engaging in this partisan messaging,” Michael Fallings, managing partner at law firm Tully Rinckey, told Federal News Network.

The use of federal agency websites for such messaging was also a novel development in the long-running evolution of the Hatch Act.

Kedric Payne, who helped represent Education Department employees as vice president, general counsel and senior director of ethics at the Campaign Legal Center, said the shutdown messaging “could have been a test run of what may happen during the election year.”

“You could imagine a situation where, during the election year, there may be similar banners, similar email statements and other communications coming from the agencies that are partisan,” Payne told Federal News Network. “If there are no consequences for what happened during the shutdown, there’s not a real threat for the agencies to limit themselves on violating the Hatch Act or First Amendment rights.”

Office of Special Counsel role

OSC is responsible for investigating Hatch Act complaints. But most OSC staff were furloughed through the shutdown. Out of the agency’s 122 employees, just 17 were kept onboard, according to the OSC shutdown plan. Those excepted staff were primarily focused on handling whistleblower disclosures “involving a substantial and serious risk to public health or safety or those requiring emergency action to protect property.”

Multiple nonprofit organizations publicized their Hatch Act complaints. The total number of Hatch Act complaints received by OSC isn’t public, and OSC didn’t respond to a request for comment.

But given OSC’s relatively small staff, the backlog of work due to the furlough, and the large number of known complaints, Fallings expects the Hatch Act cases will likely face delays. OSC typically takes 120 days to conduct preliminary reviews, but there isn’t a statutory deadline for completing Hatch Act investigations.

“I think what OSC would do is try to figure out which complaints may have the most proof of a violation, and pursue those,” Fallings said.

In his opinion siding with Education Department employees and their union, District Judge Christopher Cooper referenced the Hatch Act and pointed to the executive branch’s “multifront campaign to assign blame for the government shutdown.”

“It began by plastering politically-charged language on official public websites,” Cooper wrote. “Apparently, that wasn’t enough. The department waited until its furloughed employees lost access to their email, then gratuitously changed their out-of-office messages to include yet another partisan message, thereby turning its own workforce into political spokespeople through their official email accounts. The department may have added insult to injury, but it also overplayed its hand.”

While the case ultimately hinged on federal employees’ First Amendment rights, Payne said Cooper’s ruling “recognized the spirit of the Hatch Act and its role in making sure that you don’t have government employees saying something that would be considered partisan.”

With OSC having primary responsibility to enforce the Hatch Act, legal experts are closely watching what happens next with the shutdown complaints.

If OSC finds that a Hatch Act violation occurred, it can bring the case before the Merit Systems Protection Board. The penalties for a Hatch Act violation can include removal from federal service, a reduction in grade, debarment from federal employment for up to five years, suspension, reprimand or a civil penalty of up to $1,000.

But OSC itself has also been at the center of the Trump administration’s efforts to rein in independent agencies. Trump earlier this year fired Special Counsel Hampton Dellinger with no explanation, drawing a short-lived legal battle.

And Trump’s nominee to replace Dellinger recently withdrew from consideration after offensive text messages came to light.

Jamieson Greer, the United States Trade Representative, is currently dual-hatted as acting Special Counsel.

“In the past, the Office of Special Counsel has been very thorough releasing opinions that give clear guidance on what activities are or are not a violation of the Hatch Act,” Payne said. “But we’re not clear whether or not this agency will do that this time.”

The post What happens next with shutdown Hatch Act complaints? first appeared on Federal News Network.


OMB reverses course on defunding CIGIE

The Office of Management and Budget has released some funding for the Council of the Inspectors General on Integrity and Efficiency, after an earlier decision to effectively defund CIGIE led to the shuttering of multiple Office of Inspector General websites.

OMB apportioned just under $4.3 million for CIGIE, according to an announcement from Sens. Chuck Grassley (R-Iowa) and Susan Collins (R-Maine). The pair of senators had pushed OMB to release funding for CIGIE and the Pandemic Response Accountability Committee.

“We are pleased that following our continued outreach, OMB is releasing the funding that Congress provided for CIGIE to continue its vital work,” Grassley and Collins said. “This action, building on OMB’s earlier decision to release funding for PRAC, ensures that these important oversight entities can remain focused on delivering the accountability American taxpayers deserve. Our oversight of the administration’s actions, and CIGIE’s work, will continue.”

Grassley and Collins added that the funding will last CIGIE through Jan. 30. OMB is also conducting a “programmatic review of CIGIE’s activities,” they said.

OMB did not immediately respond to a request for comment. The Washington Post first reported on the funding decision.

In late September, OMB decided not to apportion funding for CIGIE in fiscal 2026, despite funds being available through the shutdown. Tammy Hull, the acting chairwoman of CIGIE, informed lawmakers of OMB’s decision, warning that the shuttering of the council would “result in the loss of shared services and cost-efficiencies” that support 72 offices of inspectors general across government.

On Oct. 1, multiple agency IG websites went offline due to the funding decision. CIGIE provides hotline capability and website services for 28 OIGs through Oversight.gov.

As of Tuesday afternoon, Oversight.gov was back online after being down for nearly seven weeks.

Congress created CIGIE in 2008 to professionalize the IG community. In addition to providing web and hotline services, CIGIE also conducts training, develops quality standards, and serves as an accountability function within the OIG community through its Integrity Committee.

But Trump administration officials have accused IGs of corruption, without offering evidence.

“Inspectors general are meant to be impartial watchdogs identifying waste and corruption on behalf of the American people,” OMB spokesman Armen Tooloee said in September regarding the original decision to defund CIGIE. “Unfortunately, they have become corrupt, partisan, and in some cases, have lied to the public. The American people will no longer be funding this corruption.”

President Donald Trump fired 17 IGs at the outset of his second term, in a move a federal judge later ruled to be illegal because he didn’t provide the required notification to Congress.

CIGIE in the recent past has also drawn the ire of conservative groups that view it as part of the “administrative state.” In a 2023 lawsuit, lawyers for Department of Homeland Security Inspector General Joseph Cuffari argued that CIGIE’s Integrity Committee was “a threat to the Constitution.” The Integrity Committee was investigating Cuffari’s actions as IG, including his handling of a review into deleted Secret Service texts from the Jan. 6, 2021 Capitol riot.

The post OMB reverses course on defunding CIGIE first appeared on Federal News Network.


FCC to vote on reversing cyber rules adopted after Salt Typhoon hack

The Federal Communications Commission is set this week to vote on reversing cybersecurity rules for telecommunications providers that were put forward following the sweeping “Salt Typhoon” hacks.

The FCC’s meeting on Thursday includes plans to consider an order to rescind a ruling and proposed rules published in the waning days of the Biden administration. The January ruling requires telecom operators to secure their networks under Section 105 of the Communications Assistance for Law Enforcement Act.

But current FCC Chairman Brendan Carr argues that ruling “exceeded the agency’s authority and did not present an effective or agile response to the relevant cybersecurity threats.”

The proposed order would rescind the January ruling and withdraw proposed cybersecurity rules for telecom operators.

The FCC “should instead continue to pursue an agile and collaborative approach to cybersecurity through federal-private partnerships that protect and secure communications networks and more targeted, legally sound rulemaking and enforcement,” according to a factsheet on the order of reconsideration.

‘Worst’ hack ever

The Salt Typhoon campaign was revealed in 2024. It involved penetrating hacks into U.S. telecom networks and others across the globe. The hackers were reportedly able to target the communications of political figures and government officials, including then-candidate Donald Trump and running mate JD Vance.

U.S. officials have said Chinese government-sponsored hackers are behind the campaign. Senate Intelligence Committee Ranking Member Mark Warner (D-Va.) has described it as “the worst telecommunications hack in our nation’s history.”

The Cybersecurity and Infrastructure Security Agency has since said the Salt Typhoon campaign overlapped with global threat activities targeting multiple sectors, including telecommunications, government, transportation, lodging, and military infrastructure networks.

“While these actors focus on large backbone routers of major telecommunications providers, as well as provider edge (PE) and customer edge (CE) routers, they also leverage compromised devices and trusted connections to pivot into other networks,” CISA wrote in a September advisory. “These actors often modify routers to maintain persistent, long-term access to networks.”

In rolling out the January rules, Biden administration officials argued they represented a “critical step to require U.S. telecoms to improve cybersecurity to meet today’s nation state threats, including those from China’s well-resourced and sophisticated offensive cyber program.”

However, the FCC’s current leadership says the rules misinterpreted the law and “unnecessarily raised and purported to resolve issues that were not appropriate for consideration in the absence of public input.” The FCC’s factsheet also references the commission’s “recent engagement with providers and their agreement to take extensive steps to protect national security interests.”

In an October letter to the FCC, lawyers representing several telecom associations argued that the January ruling “would significantly undermine” public-private partnerships. They argued that telecom providers had voluntarily collaborated with federal agencies to investigate Salt Typhoon and adopted stronger cybersecurity measures.

Warner and Sen. Ron Wyden (D-Ore.) are also pressing the Department of Homeland Security to release an unclassified 2022 report on security vulnerabilities in the U.S. telecom sector. They argue that by not releasing the report, DHS is undermining public debate over how to best secure telecom networks in the wake of Salt Typhoon.

“The Salt Typhoon compromise represents one of the most serious espionage campaigns against the communications of U.S. government leaders in history, and highlighted important gaps in our nation’s communications security – in some cases, with providers ignoring basic security precautions such as credential re-use across network appliances and failure to adopt multi-factor authentication for highly privileged network administrator accounts,” Warner and Wyden wrote in a recent letter to DHS and the Office of the Director of National Intelligence.

Meanwhile, the House on Monday passed the “Strengthening Cyber Resilience Against State-Sponsored Threats Act.” The bill would establish a joint interagency task force to address China-linked cyber threats, including Salt Typhoon. The task force would be led by CISA, with involvement from the Justice Department, the FBI and several sector-risk management agencies.

The post FCC to vote on reversing cyber rules adopted after Salt Typhoon hack first appeared on Federal News Network.
