President Biden’s nominee to lead the Office of Management and Budget (OMB) Neera Tanden faced questions on cybersecurity, IT modernization, and supply chain during her confirmation hearing today before the Senate Committee on Homeland Security and Governmental Affairs.
Tanden, who is currently the president of the Center for American Progress, spoke at length regarding the role cybersecurity plays in national security, OMB’s responsibilities when it comes to securing the Federal supply chain, and the need for OMB to aid Federal and state agencies to modernize their technology infrastructure.
While Tanden garnered praise from Democrats on the committee, Republican members were angered by her history of tweeting criticisms of Republican legislators. However, members of both parties questioned Tanden on IT topics.
Sen. Jacky Rosen, D-Nev., zeroed in on the need for IT modernization. Specifically, she discussed the need to modernize the unemployment insurance infrastructure. Rosen asked what role Tanden believes OMB should play in helping Federal and state agencies to modernize their technology so they can be more “nimble” in responding to current and future crises.
Tanden said OMB needs to help agencies at all levels of government to make sure they are using the right technology to target resources to families, small businesses, and communities that are most in need. She discussed agencies using apps or bots to help meet their mission. She said the AI can be a great tool for government agencies, but OMB needs to help agencies make sure user privacy is being protected.
Focusing on cybersecurity, Sen. Gary Peters, D-Mich., drilled down on the Federal government’s struggle to attract and retain cybersecurity talent for its workforce. Peters discussed the Federal Rotational Cyber Workforce Program Act, which he cosponsored. The legislation, which unanimously passed during the previous Senate, would require agencies to designate certain positions at Federal agencies as rotational, and allow workers from the Federal rotational force at large to fill them for six months to a year. Peters said this legislation is key to attracting and retaining top cyber talent. He asked Tanden if she would commit to working with his office to see the legislation enacted and implemented, and Tanden committed to working with Peters on the bill.
Peters further asked Tanden what steps she would take to ensure agencies can hire the cyber talent they need. Tanden discussed the U.S. Digital Service (USDS), which provides consultation services to Federal agencies on IT, saying the government has learned a lot from USDS on how to attract top talent and solve “killer challenges” around technology. She said she would use resources like USDS to attract cybersecurity talent.
Sen. Josh Hawley, R-Mo., brought up the role cybersecurity plays in national security. He asked Tanden about her commitment to remove Chinese technologies from “sensitive” American networks due to the risk of espionage from the Chinese government. “I absolutely believe that we have to ensure real security in our supply lines from China, as well as elsewhere,” Tanden responded. She specifically mentioned Huawei, while Hawley focused on the China-based social media app TikTok.
Hawley asked Tanden whether she agreed that TikTok was a “threat to national security,” because it collects user data and it is required to share that information with the Chinese government. Tanden said, “We should absolutely be concerned about any entity that takes information and shares it with a government.”
Sen. Rob Portman, R-Ohio, also spent some of his time focused on cybersecurity attacks perpetrated by U.S. adversaries, specifically the recent SolarWinds attack, which has been attributed to Russian intelligence agencies. Portman stressed the importance of Federal agencies reporting major cybersecurity incidents in a timely manner. Portman and Peters cosponsored the Federal System Incident Response Act, which would require Federal agencies to report to Congress within seven days about any cyberattacks they have faced that would cause significant harm to national security or agency operations. Tanden agreed with Portman that the standard for reporting cybersecurity incidents in the Federal government needs to be revisited. She stressed that the timely reporting of major cyber incidents is really essential for agencies, citizens, and the private sector.
Portman then focused on regulations of AI in both the private and public sectors. Portman referenced OMB guidance issued under the Trump administration regarding AI regulations. Tanden agreed to continue with ongoing processes regarding AI regulations.
The Senate Committee is expected to vote on Tanden’s nomination later this week. If she clears the committee, which seems likely, Tanden’s nomination will then move to the Senate floor for another vote.