Year in Review 2022: Federal Funds, Foreign Cyber Attacks
GT's most-read stories from January and February 2022 covered the roll out of the Infrastructure Investment and Jobs Act, expanded definitions of remote work in government and our seventh annual GovTech 100.
The Big Apple made some big changes at the start of the year when Mayor Eric Adams was sworn into office at midnight on Jan. 1. Ahead of Adams’ term, New York’s Chief Technology Officer John Paul Farmer announced his departure from the position. Adams appointed Matt Fraser, previously deputy commissioner of IT for the NYPD, as his replacement and then signed an executive order consolidating and unifying all NYC tech agencies under a new Office of Technology and Innovation with the aim of breaking down silos and making city agencies more efficient. Amid the transition, CIO Jessica Tisch also announced her departure, although she took over as commissioner for the city’s sanitation department in April.
States and localities worked to make sense of how to use the federal funds coming from the $1.2 trillion Infrastructure Investment and Jobs Act (IIJA) passed in late 2021. GovTech identified five lower-profile elements of the IIJA of potential interest to state and local gov — like an initiative to collect open source transit data to improve how people move around cities and special grants for water utilities to invest in modern tools like asset management software. GT also covered the massive chunk of the spending package — nearly half — earmarked for transportation. With that in mind, GIS firm Esri released an interactive inventory of the country’s bridges to help identify specific places that could especially benefit from IIJA funding.
The seventh annual GovTech 100 list highlighted the top tech companies doing business with the public sector and also marked a banner year for the market as a whole. Some major 2021 merger and acquisition activity, totaling $2.2 billion in the third quarter alone, meant the new year held promise for continued growth. Experts predicted a higher volume of lower-value deals going forward.
The continued growth of remote and hybrid work in government meant more than just staff connecting from home. What were previously considered “assistive” technologies — like speech-to-text — started to become more mainstream. This meant those who wouldn’t have been able to commute into an office could apply for government jobs. That means a wider talent pool and more diverse voices on staff. As Alaska CIO Bill Smith put it, “We’ve got the enduring tools now to start to see that on a larger scale.”
Concerns about cyber attacks on government and critical infrastructure went beyond American borders, particularly as Russia began its attack on Ukraine in February. Cybersecurity experts from the Aspen Institute warned of Russia’s potential to use cyber threats and misinformation against not only Ukraine, but its allies as well, including the U.S. The Cybersecurity and Infrastructure Security Agency (CISA) advised that while no credible attacks on American systems had been made, it remains critical to boost defenses against attacks on essential infrastructure and attempts to undermine confidence in the government. In March, Americans saw some of those fears come to fruition when cybersecurity firm Mandiant reported a hacker group backed by the Chinese government attacked at least six unnamed states, exploiting flaws in the Log4j and USAHERDS agricultural tracking systems.
Meanwhile, domestic hacks that have become the stuff of daily headlines continued unabated. A January breach took out a Washington state licensing system, potentially exposing users’ personal identifiable information. Prescott, Ariz., reflected on lessons learned from a 2020 breach when bad actors took advantage of a weak password on an outdated system. Quick action from an employee and the FBI helped avoid a full-scale ransomware attack. It was a reminder of how simple measures such as password protection can make all the difference. “It’s the little things that end up killing you,” said Prescott IT Director Nate Keegan.
The public sector has continued to push boundaries, using emerging tech in innovative ways to imagine what is possible for government. The police department in Oceanside, Calif., had already realized the advantages of using drones for search-and-rescue operations, but has now improved procedures by using Zoom video conferencing to share the drone’s perspective across multiple smart devices. And the Gerald R. Ford International Airport in Grand Rapids, Mich., is working with private-sector partners on a program to pilot autonomous tech from ground transit to security to tracking planes in flight.
Concerns over facial recognition persisted this year, with a Texas lawsuit alleging that Facebook, and by extension its parent company, Meta Platforms Inc., violated state law when it used the technology without users’ permission. While Texas Attorney General Ken Paxton said “this is yet another example of Big Tech’s deceitful business practices,” Meta said the suit is invalid, citing a November 2021 move to stop using facial recognition. And it wasn’t just states who had worries: Early this year the IRS announced it would require users of its online portal to create an account with identity validation firm ID.me, which requires users to submit a live video selfie, among other documentation. The agency later abandoned the decision amid pushback.