Interview transcript:
Terry Gerton Well, there’s a lot of things happening in your world. Let’s talk about, first, the new memo that came out at the end of August that talks about FedRAMP 20x. Put that in plain language for folks and then tell us what it means for PSC and its stakeholders.
Jim Carroll Yeah, I think really what it means, it’s a reflection of what’s happening in the industry overall, the GovCon world, as well as probably everything that we do, you know, even as individual citizens, which is more and more reliance on AI. What we’re seeing is the artificial intelligence world has really picked up steam, not only I saw mention of it on the news today and they were talking about — every Google search now incorporates AI. So what we’re seeing with this GSA and FedRAMP initiative is really trying to fast track the authorization of the cloud-based services side of AI. Because it really is becoming more and more part of every basic use, not only in our private lives, like they talk about, but also in the federal contracting space. And what we are seeing are more and more federal government officials using it for routine things. And so I think what this is is really a reflection that they are going to move this as quickly as possible, in recognition that the world is changing right in front of us.
Terry Gerton So is this more for government contractors who are offering AI products, or for government contractors who are using AI in their internal products?
Jim Carroll It’s really for AI-based cloud services who are able to use AI tools that not only allow them, but really allow federal workers to be able to access AI in a much faster space. And, you know, there’s certainly some challenges with AI. I think, you’re hearing some of the futurists talk about, do we really understand AI enough to embrace it to the extent that we have? I don’t think anyone really knows the answer to that, but we know it’s out there and there is this recognition that there will be an ongoing routine federal use of AI. So let’s at least have the major players that are doing it the best authorized to be able to provide the service. And so much is happening right now in the AI space. And I think everyone knows the acronym. There’s a lot of acronyms we’re going to talk about today that are happening, but AI is an acronym that really is. And we did a poll and looked at our 400 member companies at PS Council. And I think it was 45% or 50% mentioned the use of AI on their homepage. And so I think there’s just recognition that GSA wants to be able to provide these solutions to the federal government workers.
Terry Gerton Do you see any risks or trade-offs in accelerating this approval versus adopting things that might not quite be ready for prime time?
Jim Carroll You know, I think there’s always that concern, as I mentioned, about some of the futurists that are looking at this and making sure that it’s safe. We’re hearing about it from the White House and we’re putting together — you’ve seen some public panels already with the White House, we’ve been asked to bring our PSC members for a policy discussion and some of the legal issues around AI to the White House. And so we’ll be bringing some members to the White House here in the next couple of weeks. And so I think there is concern that the people who use AI are also double-checking to make sure it’s accurate, right? That’s one of the concerns I think that people want to make sure is that there should not be an over-reliance or an exclusive reliance on AI tools. And we need to make sure that the solutions and the answers that our AI tools are giving us are actually accurate. One of the concerns, which I think goes into something we need to discuss that’s happening this week, is cybersecurity. Is AI secure? Is the use of it going to be able to safeguard some of the really important national security work that we’re doing? And how do we do that?
Terry Gerton I’m speaking with Jim Carroll. He’s the CEO of the Professional Services Council. Well, let’s stick in that tech vein and cybersecurity. There’s a new bill in Congress that wants to shift cybersecurity hiring to more of a skills-based qualification than professional degrees. How does PSC think about that proposal?
Jim Carroll I think again, it’s a reflection of what’s actually out there — that these new tools, we’ll say in cybersecurity, [are] really based on an individual’s ability to maneuver in this space, as opposed to just a degree. And being able to really focus on the ability of everyone, I think equals the playing field, right? It means more and more people are qualified to do this. When you take away a — I hate to say a barrier such as a degree, but it’s a reflection that there are other skill sets that people have learned to be able to actually do their work. And I can say this, having gotten a law degree many years ago, that you really sort of learn how to practice law by doing it and by having a mentor and doing it over the years, as opposed to just having a law degree. I don’t think it would be a good person to just go out and represent anyone on anything on the day after graduating from law school. You really need to learn how to apply it and I think that’s what this bipartisan bill is doing. And so you know, we’re encouraging more and more people being able to get into this, because there’s a greater and greater need, Terry. And so we’re okay with this.
Terry Gerton So what might it mean then for the GovCon workforce?
Jim Carroll I think there’s an opportunity here for the GovCon workspace and employees to be able to expand and really get some super-talented people to be able to work at these federal agencies. Which is a great plus, I think, for actually achieving the desired results that our GovCon members at PS Council are able to deliver, is we’re going to get the best and brightest and bring those people in to give real solutions.
Terry Gerton So the bill calls for more transparency from OPM on education-related hiring policies. Does PSC have an idea of what kind of oversight they’d like to see about that practice?
Jim Carroll Yeah, we’re looking into it now. We’re talking to our members and seeing what kind of oversight they have. You know, representing 400 organizations, companies that do business with the federal government and so many in this space of cybersecurity, being the leading trade organization for these 400 companies, it means that we’re able to go to our members and get from them, really, the safeguards that they think are important. Get the requirements that they think are important and get it in there. And so this is going to be a deliberative process. We have a little bit of time to work on this. But we’re excited about the potential. We really think this will be able to deliver great solutions, Terry.
Terry Gerton Well, speaking of cyber, there’s a new memo out on the cybersecurity maturity model. What’s your hot take there?
Jim Carroll Terry, how long has that been pending? I think five years. I think it’s five years is what I heard this morning. And so, you know, this will provide three levels of certification and clarity for CMMC [(Cybersecurity Maturity Model Certification)]. We’re looking at it now. This is obviously a critical issue and we are starting a working group. And we’re going to be able to provide resources to our members for this, to make sure that the certification — some of which are going to be very expensive for our members, depending on what type of certification that they want. So we’re gearing up. We have been ready for this. Like I said, we started planning this for five years ago, right? So did you, Terry. And so we have five years of thought going into it and we will be announcing and developing a website for our members to be able to have information on this, learn from this. We’ll be conducting seminars for our members. So now that CMMC — the other acronym I think that I mentioned earlier — is finally here, it’ll be implemented, I guess, in 60 days. And so we’ll have some time to use the skills that we have been developing over the last five years to give to our members.
Terry Gerton Any surprises for you in the final version? I know that PSC had quite a bit of input in the development.
Jim Carroll Not right now. We’re sort of looking at it; obviously, it just dropped in the last 24 hours. And so nothing right now that has caught us off guard. And so we’ve been ready for this and we’re ready to educate our members on this.
The post How federal tech leaders are rewriting the rules for AI and cyber hiring first appeared on Federal News Network.