Describe your experience and current position in the federal identity management sector?
I’ve worked in the federal identity space for 25 years. My first activity was launching the Face Recognition Vendor Test series, which NIST manages to this day. My current focus is coordinating the public-private/interagency team that plans FedID, with occasional policy-level guidance to Congress or the White House. Along the way, I’ve led identity-focused research programs in the Departments of Defense and Justice, co-chaired FAA’s screening working group in the aftermath of 9/11, and served in the White House’s Office of Science and Technology Policy for eight years (with identity as one of my portfolios) during the formative stages of the nation’s homeland security enterprise.
How do you view the greatest potential (or challenge) for the evolution of identity management within the federal government?
- Digital Identity. The evolution of identity management within the federal government holds immense potential, particularly in the realm of Digital Identity. As cyber threats escalate and the demand for personalized online services increases, the importance and complexity of digital identity services are set to grow considerably. This challenge is more intricate than the coordination of identities post 9/11 due to technical, legal, and policy aspects, as well as the sheer volume of entities (many outside the USG itself) involved. For instance, fraud in government entitlement programs costs more annually than the entire federal government's R&D budget, highlighting the magnitude of the problem.
- Information Integrity. The proliferation of news articles and policy analyses/recommendations, and occasionally draft legislation or policies themselves, that lack information integrity on identity matters continues to be a concern. Misinformation (incorrect information unknowingly shared), disinformation (deliberately shared false information) and malinformation (superficially accurate info presented without needed context to misinform) can emanate from both proponents and opponents of advanced identity capabilities. This not only complicates policy and program development but also undermines the trust of constituents, which is crucial for the successful implementation of advanced identity management systems.
In what ways does the Federal Identity Forum & Expo (FedID) contribute to the success of your agency or organization?
MITRE is a not-for-profit organization that works in the public interest, predominantly by operating multiple FFRDCs supporting federal agencies. I help lead our Center for Data-Driven Policy, which leverages the insights and expertise of MITRE’s ~10k employees to provide (non-lobbying) recommendations to policymakers so that their decisions are evidence-based, actionable, and effective.
FedID serves as an important connector. It brings together senior figures from the federal government and thought leaders from the broader identity community to exchange information and provide mutual mentoring, which in turn contributes to the success of federal programs. FedID is often referenced as a model for how other public-private technical communities should convene. This year, I’m particularly looking forward to the workshops that will take place during FedID, in which we’ll develop community-wide recommendations on identity priorities and activities for the next presidential administration.