Intel Community Takes Aim at Agile Acquisition

Austerity measures are hitting everywhere in the government, and the Intelligence Community (IC) is no exception. At a recent AFCEA DC event, representatives from the National Security Agency (NSA), National Reconnaissance Organization (NRO), National Geospatial-Intelligence Agency (NGA), and Defense Intelligence Agency (DIA) discussed some of the ways their buying habits are changing. Like other areas, the reduced resources are prompting an increased focus within the IC on increasing efficiency and leveraging new technology. As it makes those shifts, the IC is also contending with training needs within the acquisition workforce.

Panelists at the event stressed the importance of revitalizing the partnership with industry. Efforts are being made to advise the Defense Industrial Base (DIB) on its role in sustaining the IC mission. An acquisition executive from NSA commented that increasing signals intelligence threats and rapidly evolving technology are significant challenges. The drive to invest in research and development for the future is countered by the swelling cost of sustainment. In an effort to lower those costs, the IC is exploring technologies like cloud utilization, automated testing, and configuration management. They’re also looking at leveraging commercial technologies and services.
 
The need to improve communication with industry is surfacing in other areas. For example, NGA is exploring how to share information and transfer knowledge from government to industry in the hope of better leveraging internal research. NRO, unable to afford all of the options on some contracts, is working to negotiate the situation with contractors. In some cases, labor costs have been revisited to help meet agency needs.
 
Better Buying Power is being stressed, and organizations are finding market research increasingly important. However, Lowest Price Technically Acceptable (LPTA) is not likely to trend in the IC. The message from the panel was clear: LPTA can be useful in some low-complexity, low-cost areas. However, the vague requirement descriptions typical of LPTA are considered incompatible with the IC’s need for discriminators and specific technical requirements.
 
As IC organizations assess acquisition needs for recurring technology, they are keeping shared technology requirements in mind. Future investment areas are likely to target cross-IC initiatives. DIA is currently doing a fair amount of cross-IC work with NGA, and they have found that one benefit of the collaboration is an increase in interoperability. While NGA may be issuing fewer contracts, they are pursuing more cross-IC initiatives. In fact, delivering a capability to one area of the IC could be an opportunity for industry to explore similar needs in other organizations.
 
Deltek has been forecasting increased spending as the fiscal year draws to a close. Many of those contracts are expected to be large, complex awards. For the IC, this may present a particular challenge. Furloughs within the acquisition workforce pose a bottleneck. Compounding those potential delays, contracting officers may either be unfamiliar with agile approaches or lack experience with complex awards.
 
Solicitations tend to reflect a fixed point in time, but IC user requirements are evolving. Agile delivery and incremental deployment of capabilities are more conducive to addressing that evolution. That said, the budget process and policies can be barriers to agility and rapid delivery.
 
Often, where there is a substantial knowledge base of experience, the focus is on managing contracts rather than managing programs. This indicates a distinct need for retraining and for adjusting the incentives that have encouraged the current set of habits. Historically, the Defense Industrial Base has mirrored the IC when it comes to contracting tendencies, so change will be gradual as contracting shifts from Completion to Firm Fixed Price and Pay Per Use models.

2013 IACP LEIM Conference Recap

The 2013 International Association of Chiefs of Police (IACP) Law Enforcement Information Management (LEIM) Conference was held in Scottsdale, Ariz., from May 20-23, 2013, at the Fairmont Scottsdale Princess. The event included a variety of plenary sessions and workshops addressing executive, operational, and technical communications and interoperability. The LEIM section of IACP provides information through a variety of events regarding best practices and updates on state-of-the-art law enforcement technology. More than 1,000 chiefs and information technology professionals are members of the LEIM section, including many from outside of the continental United States.
 
This year’s IACP LEIM did not feature a keynote speaker, so the plenary sessions kicked off quickly following the opening ceremony and welcoming remarks. The first of the two sessions, “The Evolving Role of Technology in Policing: Results of the IACP/LEIM IT Summit,” featured remarks from Scott Edson, commander at the Los Angeles Sheriff’s Department and Chair of the LEIM Board of Officers; Thomas Casady, Lincoln, Neb., public safety director; Lance Valcour, executive director of the Canadian Interoperability Technology Interest Group (CITIG) and member of the LEIM Board of Officers; and Steve Williams, Major and CTO at the Florida Highway Patrol and member of the LEIM Board of Officers.
 
A common thread among many of the event’s speakers and sessions was that of using technology to your advantage and finding ways to “make it work” within your agency. One main issue, aside from the cost of new technology, is governance and local-legislator buy-in.
 
For more analysis of some of the hot topics and other insights from the 2013 IACP LEIM Conference, please check out the full five-page recap at GovWin.com.

Agencies Evolve Toward Cloud and Leading Cloud Vendors

Recent data released by OMB shows that federal agencies spent $4.5 billion on cloud computing services in FY 2012 and 2013. OMB estimates that agencies will spend another $2.2 billion on cloud services in FY 2014, bringing the three year total to $6.7 billion. This data shows that the federal perspective on the cloud is changing, a development that is to industry's benefit.
 
When the White House published the President’s Budget Request for Fiscal Year 2014 back in April, the materials released included an Excel workbook called the Exhibit 53C.  This workbook provided data documenting federal spending on cloud based solutions in FY 2012 and FY 2013, and it provided an estimate for anticipated cloud spending in FY 2014.  Taken together, these numbers reveal that federal agencies have spent a total of $6.7 billion on cloud computing since FY 2012.  The deployment type of the cloud solutions that agencies have been buying shakes out as follows:

Two conclusions can be drawn from this data:
 
First, it is clear that cloud solutions are a hit with federal customers.  FY 2013 in particular was a good year for cloud service providers as federal agencies spent a total of $2.3 billion.
 
Second, federal customers overwhelmingly prefer private cloud solutions.  If projected spending in FY 2014 is any indication, this trend is likely to continue as feds ignore the cost benefits of moving to public, community, and hybrid clouds in favor of a private cloud model that fits their comfort level.  The takeaway from this is that federal customers have overcome their initial hesitation about the security of cloud computing, but they have also chosen to hedge their bets.  Could this be one of those rare moments when we are witnessing evolution?  Federal customers are still risk-averse, but at the same time they are showing signs of innovation too.
 
Leading Cloud Vendors
 
Turning to the other side of the story, who in industry is benefiting from all of this contract money being spent?  Here at Federal Industry Analysis we track developments in the federal cloud market, including who is winning business.  Our data does not account for all of the dollars spent by federal agencies on cloud solutions that make up the OMB data set above, but it does account for approximately $6 billion in awarded contract value (this includes consulting and strategic planning) since FY 2009.  Given the data we have, we are able to make a few observations on the state of competition in the market.

The chart below shows the top ten cloud service providers by number of awards.  This data was collected for the period from Calendar Year 2010 to May 2013 and it makes up a total of 54 cloud contract awards.  The calendar year has been used in place of fiscal year because the exact date of award for many of the efforts could not be confirmed.

According to this small data set, Terremark/Verizon is the leading provider of cloud solutions to federal customers, followed closely by HP Enterprise Services and CGI Federal.  This data includes all kinds of competitions – GWACs, task/delivery orders, GSA IT 70 procurements, and set-asides.  Another interesting point worth making about the data set is that neither Google nor Amazon appears in it.  With the recent announcement of Amazon Web Services’ FedRAMP certification one would expect to find AWS on this list.  AWS is missing, however, because of a curious trend in the cloud market.  Specifically, third parties are often given contract awards to move agency applications to cloud environments hosted by AWS and Google.  For example, several of the Smartronix awards on the chart are for efforts that resulted in the migration of agency apps to Amazon’s Elastic Compute Cloud.  These efforts make it seem as if AWS and Google are not big players in this market when they actually are.
 
Lastly, below is the same breakout of vendor awards by NAICS code.  Of the 8 codes represented, the one under which the most contracts have been awarded is 541519: Other Computer Related Services, with a total of 18 awards.  This is followed by 541513: Computer Facilities Management Services, with 12 awards, and 541512: Computer Systems Design Services, also with 12 awards.

The variety of NAICS codes used suggests that contracting offices too have evolved to handle cloud procurements.  This is borne out in other data I have seen as well which shows that contracting offices have adapted to the subscription pricing model common to cloud services.  Therefore, with this and other procurement adaptations around pricing and NAICS codes accomplished, the path seems to be clear for the federal adoption of cloud computing to accelerate in the years to come.

Originally published for Federal Industry Analysis: Analysts Perspectives Blog. Stay ahead of the competition by discovering more about GovWinIQ.

Continuous Monitoring as a Service Award on the Horizon

Improved cybersecurity was called out as one of three administration priorities for FY 2014. Agencies have been inching towards cybersecurity targets, and an upcoming award may ease agency pains in implementing continuous monitoring solutions.
 
As described in the 2012 FISMA report, continuous monitoring covers three categories: assets, configuration, and vulnerability. According to the report, all CFO Act agencies demonstrated the ability to successfully report data feeds to CyberScope. While agency implementation of automated continuous monitoring increased in FY 2012, 7 out of 24 civilian agencies did not have monitoring programs in place.
 
Agency capability implementation scores often appear lopsided. Overall, agency implementation would need a 7% improvement in FY 2013 to meet the implementation target. Perhaps DHS’s continuous monitoring program will provide the boost lagging agencies have needed.
 
Last year, the Department of Homeland Security’s National Protection and Programs Directorate (NPPD) announced that it is developing a Continuous Monitoring as a Service (CMaaS) capability. The result of this effort would be an array of sensors that collects data about agency cybersecurity risks and presents that information in an automated and continually updated dashboard. This display will allow technical workers and managers to improve an agency’s view of its security, to counter recurring threats more effectively, and to support a data-driven approach to agency risk management.

As we previously explored, the core capabilities for DHS’s continuous monitoring fell into five areas: hardware asset management, software asset management, vulnerability management, configuration management, and anti-virus. The continuous monitoring program outlined several approaches, including a service-based solution. CMaaS solutions will be based upon NIST standards, including a number of guidelines set out in NIST’s 800 series of special publications:
  •  “Guide for Conducting Risk Assessments” (SP 800-30)
  •  “Guide for Applying the Risk Management Framework to Federal Information Systems” (SP 800-37)
  •  “Guide for Managing Information Security Risk” (SP 800-39)
  •  “Recommended Security Controls for Federal Information Systems and Organizations” (SP 800-53)
  •  “Guide for Assessing the Security Controls in Federal Information Systems and Organizations” (SP 800-53A)

 
DHS plans to shoulder the financial responsibility for this continuous monitoring effort because many agencies lack the resources and expertise.  In December 2012, the contracting office released a request for quote (RFQ) that covers both the CMaaS and tools portions of Continuous Diagnostics and Mitigation (CDM). Responses to the RFQ were due in February 2013. Strategic sourcing is expected to be leveraged using DHS funds to implement sensors (where missing), a federal dashboard, and operating services. The General Services Administration (GSA) will be charging a 2 percent fee to agencies using the blanket purchase agreement (BPA). Over 40 vendors have expressed interest in the $6 billion opportunity. The performance period is set for five years. Officials have stated that they expect to issue awards before October 2013. Deltek analysts currently estimate the announcement of the awards in June 2013.
 
Updates regarding the CMaaS award can be found on GovWin under Opportunity ID 89183 (log in required).
 
Originally published for Federal Industry Analysis: Analysts Perspectives Blog. Stay ahead of the competition by discovering more about GovWinIQ. Follow me on Twitter @FIAGovWin.

The Joint Information Environment (JIE) Begins Taking Shape

Over the last two years, the Department of Defense’s effort to create a new Joint Information Environment (JIE) has been in the news a lot. The JIE is mentioned in practically every briefing and interview with DoD officials, but details concerning what the JIE is and where work related to the JIE is being done are hard to come by. In this post I will attempt to provide some substance to the elusive JIE and in the process point out a few areas where I see work happening.

First, what is the JIE? My rudimentary understanding is that the JIE is a common set of technology standards, products, and open architectural approaches that are being implemented to enable system interoperability, enhance security, and make capabilities available to any DoD end-user on any approved device. In short, the JIE is the DoD-wide version of common operating environments/pictures that many federal agencies are currently implementing. In the DoD’s case, work toward the JIE is going on at all levels. The Military Departments are working on it in their own network convergences (e.g., LandWarNet, NMCI/NextGen, and AFNET) and, generally speaking, work at the Defense agency level is being directed by the Defense Information Systems Agency (DISA). Given the size of this topic, this discussion will be limited to outlining some of the work going on at DISA.

DISA’s JIE Strategy

Back in August 2012, DISA released its Global Information Grid (GIG) Convergence Master Plan (GCMP), a strategy document that outlined the agency’s vision for the JIE. GCMP sections 2.1 through 2.3 described the following objectives that DISA is seeking to achieve. Readers please note I’ve changed a little of the language in the DISA document to cut down the amount of text:
Short-term objectives

  1. Provide common user services and platform services through consolidation of infrastructure and existing software licenses.
  2. Provide two private clouds: an unclassified DoD cloud and a classified DoD cloud.
  3. Improve end-user device access by migrating end-user applications to the cloud and migrating end-users to a Virtual Desktop Interface (VDI) environment.

Mid-term objectives

  1. Develop methods, when using commercial cloud service providers, which protect data in transit and at rest, authenticate users, and apply appropriate access controls.
  2. Provide virtual container technologies supporting secure unclassified operating environments on a wider variety of approved end-user devices.

Long-term objectives

  1. Move to a commercial-government hybrid cloud computing environment with DoD retaining the identity provider role.
  2. Improve service interoperability across core, intermediate and tactical edge environments.

Achieving the Short-Term Objectives

Although DISA laid out these objectives in short, mid, and long terms, each stage is interrelated and in some cases DISA appears to be working toward all terms simultaneously. Starting with Short-Term Objective #1, DISA, the Air Force, and the Army awarded the three-year, $617 million Joint Enterprise License Agreement for Microsoft products last December. Meanwhile, as mentioned above, infrastructure consolidation efforts are ongoing at both the Defense agencies and in the Military Departments. An example of this would be the ongoing effort to integrate the networks of U.S. Africa Command (AFRICOM) and U.S. European Command (EUCOM).

As for the effort to establish the private clouds mentioned as Short-Term Objective #2, this is proceeding at a slower pace. DISA announced just last month that it has developed a process for gathering and assessing mission partner requirements and establishing contract evaluation criteria for an Enterprise Cloud Service Catalog. This suggests that competitions for cloud computing contracts by DISA are likely to be coming in FY 2014. DISA also began laying the groundwork to address Short-Term Objective #3 by awarding a sole source contract in April 2013 to Jackpine Technologies. Under this contract, Jackpine will continue developing combined milCloud and Infrastructure-as-a-Service capabilities resulting in the delivery of an ALVE (Application Lifecycle Virtualization Environment) that will support DISA's Agile, Rapid Development and Deployment Model. The migration of users to a Virtual Desktop Interface (VDI) is the one area of this plan that seems to be moving ahead at the slowest pace. One potential area of progress is the Broad Agency Announcement (BAA) for a Mobile Device Common-Access-Card-Enabled Thin Client solution that DISA released in September 2012. Under this BAA multiple vendors will provide innovative solutions for Common Access Card (CAC)-enabled virtual thin client solutions for managed and unmanaged mobile devices. Presumably, these solutions would also address the requirement for virtual container technologies listed as Mid-Term Objective #2.

Achieving the Mid-Term Objectives

Regarding Mid-Term Objective #1, work to be performed under the mobile device CAC-enabled thin client BAA discussed above would address these requirements. Similarly, DISA’s Program Executive Office Mission Assurance and Network Operations recently released a Sources Sought Notice for Community Data Center (CDC) and Sensor Operations. Under this contract, the industry partner will support Centaur Operations within the Community Data Center. Centaur Operations protects and defends the JIE, DoD Enterprise Services, and the GIG through the maintenance of network sensors and tools that gather terabytes of data. Fulfilling this requirement entails designing, building, and maintaining cloud-based multi-petabyte parallel distributed file systems and “big data” analytics.

Achieving the Long-Term Objectives

Concerning the longer-term objectives, it appears DISA will fulfill these by building on solutions that it acquires in the short and mid-term. For example, achieving Long-Term Objective #1 is fulfilled by DISA’s efforts to stand up commercial cloud and cloud broker offerings, as well as through the CDC and Sensor Operations acquisition. This leaves Long-Term Objective #2, enabling interoperability across core, intermediate and tactical edge environments. This goal will only be achieved when work being done across the Military Departments’ networks reaches a sufficient level of maturity. In DISA’s case, however, the agency recently took a big step in this direction by awarding a $45 million sole source Blanket Purchasing Agreement to Alliance Technology Group for Large Data Object Storage. The LDOS capability will provide the foundation for an ISR Storage Cloud that enables the sharing and analysis of ISR data across all components of the DoD.

In conclusion, work on the JIE is just getting started. Mobile computing and communication solutions, for example, will also be part of the JIE, and DISA is expected to award contracts for this requirement soon. Industry can remain confident that more requirements are sure to come.

DISA’s ISR Storage Cloud Award Points the Way Ahead for DoD Big Data/Cloud Market

By now everyone has probably read about the recent $45 million sole source award that the Defense Information Systems Agency (DISA) made to the Alliance Technology Group for Large Data Object Storage (LDOS).  The Justification and Approval (J&A) notice for the award states that ATG will provide DISA with a scalable storage solution for the development of an intelligence, surveillance, reconnaissance (ISR) cloud.  The resources ATG will provide can store hundreds of billions of objects for ISR uses across DoD networks, including “Wide-Area Motion Imagery (WAMI), Standard and High-Definition (HD) Full-Motion Video (FMV), HyperSpectral, Laser Imaging Detection and Ranging (LIDAR), Electro-Optical/Infra-Red (EO/IR) and Synthetic Aperture Radar (SAR) data formats.”  The breadth of data objects to be stored is interesting, as is the fact that DISA is building an ISR cloud, but to me the real importance of this notice lies in what it says about the challenges the DoD faces in trying to handle big data.  Many of these challenges are themes that have appeared in FIA’s blog posts and reports for the last year.

The Strain of Big Data

In a moment of candor, DISA admits in the notice that it “cannot provide the Storage Cloud in its Defense Enterprise Computing Centers (DECCs) due to the physical size of the necessary hardware” required.  Similarly, DISA states that “it does not have the funding … to purchase the required hardware or storage facility.”  DISA also admits in the notice that the new ISR cloud requires increased bandwidth that the agency cannot provide: “Alliance Technology Group is the only contractor with the ability to provide the ISR Cloud Solution with bandwidth at a secure and accessible location.”

Here is the crux of the challenge in three short sentences.  DISA lacks the physical space it needs for a large investment in hardware, it lacks the money to buy the hardware, and it lacks the bandwidth capacity required for ISR data analysis.  In this blog post from October 2012, I made the case that big data is a game changer in the federal IT market, not because of the technologies that will be used to exploit it, but because it acknowledges that the exponentially growing demands of data management have outstripped the limited resources agencies have to handle it.

Visualize if you will all of the data that the DoD accumulates as a large sea.  The level of the water is rising.  Then picture the resources the DoD has to handle that data as a system of dikes used to hold back the sea.  Occasionally the dikes are opened to relieve the pressure.  Nevertheless, the sea level beyond continues to grow.  This is the big data challenge facing the DoD and other federal agencies and the timing could not be worse.  The challenge is rising at precisely the moment when the fiscal resources required are not available.  The challenge of big data is not an “efficiency” problem, it is an overwhelming volume, variety, and complexity problem that requires smart governance and, more importantly, increased investment in infrastructure (commercial or government), analytical capabilities, and trained personnel.

Turning to the Cloud

Having recognized the challenge, DISA is doing the only thing that it can – it is turning to commercial cloud providers to provide the capacity it requires.  In this case the capacity is storage and bandwidth.  The J&A makes clear that DISA anticipates the LDOS ISR Cloud will exceed 1 exabyte within one year and may exceed 3-4 exabytes in three to four years.  DISA is being optimistic here.  Neither the DoD nor the Intelligence Community has any intention of limiting the amount of data taken in.  Go to any DoD event on big data and you will hear speakers say that they want to keep every bit and byte because they never know what will be important in the future.

Takeaways

All of this means the following.  Vendors need to offer secure cloud storage solutions, big data analytics (preferably as a cloud service), and related cloud service solutions that meet the DoD’s security requirements.   A recent memo issued by Navy CIO Terry Halvorsen makes this latter point explicitly.  This J&A award to Alliance Technology Group is the tip of the iceberg.  There is a tsunami of contract dollars building to address the DoD’s big data needs.  These contract dollars will flow into modernized and optimized infrastructure – like the new DISN Optical Backbone that DISA intends to build – as well as new database software called out in the FY 2013 National Defense Authorization Act (NDAA), new processing capacity, new storage capacity, and the personnel services required to make all of this go.  The only thing holding back the big data spending tsunami is the fiscal crisis.  This is causing procurement to dribble out in small awards here and there.  However, even with imposed fiscal restraint the path ahead is clear.  The DoD and all federal agencies eventually will be forced by necessity to contract out the big data services they require to cloud providers.  The call has gone out in this DISA J&A.  Can you hear it?

OMB Mandates Shared Services for Financial Systems

On March 25, the Office of Management and Budget (OMB) released a memo directing all executive agencies to use shared service solutions for future modernizations of financial systems. The guidance outlines the evaluation process the Treasury Department will use to assess existing Federal Shared Service Providers (FSSPs). It also describes the steps the Treasury’s Office of Financial Innovation and Transformation (FIT) will take to review new agency proposals for alignment with this mandate.

Building on the Federal Information Technology Shared Services Strategy (as well as OMB’s review of financial systems from June 2010), the memo from federal controller Danny Werfel explains that “the cost, quality and performance of Federal financial systems can be improved by focusing government resources on fewer, more standardized solutions that are implemented and operated by experienced staff.” In addition to streamlining the variety of solutions currently deployed across the government, the use of FSSPs will help to reduce the time it takes to implement systems and to improve data quality. As part of this guidance, OMB is encouraging agencies to complete market research to evaluate solutions and to complete an analysis of alternatives covering both FSSPs and commercial SSPs. Werfel suggests taking vendor past performance and the advantages of existing partnerships into consideration when assessing solutions.

The guidance makes it clear that agency-specific solutions will be discouraged. Still, there is some room for “rare” exceptions. Agencies would need to demonstrate exceptional circumstances (e.g. unique requirements or adequate scale) through an alternatives analysis that establishes the agency-specific approach is clearly preferable in terms of best value for the Federal Government. Should an agency be approved for an agency-specific solution, it still needs to participate in government-wide benchmarking and governance.

Moving forward, OMB will work with agencies to explore modular updates for financial systems, to target enhancements, and to prioritize funding for modernization proposals. OMB will be working with agency Chief Financial Officers (CFOs), Chief Information Officers (CIOs), and FSSPs to identify common standards and requirements. Two offices within OMB, the Office of Federal Financial Management and the Office of Federal Procurement Policy, will work with agencies to align acquisition strategies to promote the Cloud First policy and strategic sourcing goals. Agencies with near-term modernization needs are advised to plan for adopting a shared services approach. In the coming months, OMB will issue new guidance on technology and business requirements for financial systems.

This mandate from OMB comes on the heels of the Government Accountability Office removing management of interagency contracts from its 2013 High Risk List. This list calls attention to agencies and program areas that are particularly vulnerable to fraud, waste, abuse, and mismanagement. GAO removed the high risk designation for interagency contracts due to improvements in several areas, including: progress addressing identified deficiencies, adding management controls, creating a policy framework for new contracts, and taking steps to provide better data.

While agencies aim to improve efficiency and deliver greater return on investments, they are looking increasingly to strategic sourcing and shared services as a means of leveraging the government's buying power.  Tracking spending through agency-mandated contract vehicles, we tend to end up with a piecemeal impression of the impact these acquisition trends are having on the market. As luck would have it, the Office of Federal Procurement Policy (OFPP) has a registry of interagency contracts. However, according to Jack Kelly, Senior Policy Analyst for OFPP, the registry has not been recently updated.  The current extent to which agencies are leveraging shared service contract vehicles isn’t entirely clear, but Kelly suggested that the Strategic Sourcing Leadership Council (SSLC) is likely to get engaged in activities to review and update the interagency contract registry. In short, we can expect strategic sourcing and shared services to continue shaping federal spending.

Will FAA Spending on NextGen Remain Strong through 2020?

A few weeks ago the U.S. Government Accountability Office (GAO) published a report entitled Department of Transportation: Key Issues and Management Challenges, 2013. This report examined challenges the DOT is facing when it comes to “leveraging investment in surface transportation networks to meet national goals and priorities.” Being a market analyst focused on federal IT I read through the report seeking insight into department pain points and future technology needs. This was time well spent, because I hit pay dirt. Check out this doozy of a revelation on page 19 - the Federal Aviation Administration’s “NextGen modeling indicates that even if all ongoing and planned NextGen technologies are implemented, 14 airports—including some of the 35 busiest—may not be able to meet the projected increases in demand.”
Among these 14 airports could be found Newark International, LaGuardia, and Philadelphia, or, in other words, major airports serving major population centers. A look through DOT line items in the fiscal 2013 Exhibit 53 shows that spending related to the FAA’s Next Generation Air Transportation System is expected to make up $2.2 billion of the DOT’s $3.1 billion IT budget in FY 13 alone. Spending on this level is not an aberration either. Every year an overwhelming majority of the DOT’s IT dollars are dedicated to NextGen related investments.
The results of the FAA’s NextGen modeling suggest a significant amount of IT dollars will continue flowing into NextGen related procurements for at least the next decade. In today’s climate of shrinking IT budgets, this revelation is akin to discovering an unexpected oasis in a desert. The question is figuring out where these dollars will materialize. The GAO report does not provide any clues so those of us looking in from the outside are left to speculate about potential investments. In my opinion, two general possibilities present themselves at this time.
First, current contracts supporting NextGen investments could be extended and/or have their scope increased to provide the extra capacity. By my count there are more than 30 currently active contracts related to NextGen components expiring between September 2014 and October 2018, and still others expiring up to 2020. Competing for the follow-ons to these contracts (assuming follow-ons are planned) is a no-brainer.

Second, the FAA may choose to compete brand new contracts for NextGen requirements. The $64,000 question at this point is whether the FAA will leverage cloud computing for its needs. Publicly, the FAA’s progress toward the cloud has been slow. Behind the scenes, however, it is beginning to look like the agency is growing more comfortable with using cloud-based solutions. For example, Noblis has been providing cloud computing support for the FAA’s System-Wide Information Management (SWIM) program since June 2012. That order was awarded via Enterprise Communications Support Services (ECSS) contract # DTFAWA11D00051. More recently the FAA Office of Airports awarded a contract to L-3 Services (a subsidiary of L-3 Communications) for its System of Airports Reporting (SOAR) II requirement. Section 4.2.3 of the Statement of Work called specifically for the awardee to complete an assessment of a potential cloud computing solution for SOAR II. Strictly speaking, SOAR II is not a NextGen system, but because it interfaces with NextGen systems, I am wondering how long it will be before a lot more Market Surveys calling for NextGen-related cloud solutions start appearing on FedBizOpps.gov.

Originally published for Federal Industry Analysis: Analysts Perspectives Blog. Stay ahead of the competition by discovering more about GovWin IQ. Follow on twitter @FIAGovWin.

Cyber Security & Critical Infrastructure Protection – Themes from TTC’s Symposium

I had the opportunity recently to attend a two-day symposium on Cyber Security & Critical Infrastructure Protection, hosted by the Technology Training Corporation. The event brought together federal government and industry cyber security experts from the various critical infrastructure sectors, including Energy, Homeland Security, Defense, Transportation, Communications/IT, Postal, Emergency Services, and Financial Services. The recurring theme throughout the event was the ongoing vulnerability that these sectors share and what they are doing about it.
 
The symposium agenda included presenters from a range of governmental, quasi-governmental, non-profit, and private industry organizations with one underlying commonality – their interest in protecting critical infrastructure that is vulnerable due to the growing threat to the information technologies that have permeated this infrastructure. As has been the case with their other events that I’ve attended, the TTC team assembled a very broad array of leaders and experts across the field to provide really comprehensive coverage of the topic. As events go, I get some of the best information in one place and at one time. Way to go, TTC!
 
Key Themes
 
As I heard from the presenters and interacted with them and other attendees, several themes and commonalities emerged. Here are just a few.
 
Threats – the Changing Landscape
  • The threat landscape has changed dramatically at the same time that laws are changing to put penalties on failing to secure your data. More is changing in this environment than is staying the same.
  • Some security practitioners have dropped the word “advanced” from the description of advanced persistent threat (APT) because they observe the vast majority of attackers using common attack approaches – the “open door” rather than “breaking a window.” The disparity in security capabilities is greater than the disparity in threat.
  • Mobility – The number of new mobile vulnerabilities being detected is growing almost exponentially each year, making mobility the biggest growing threat vector.
  • Cyber arms race is unlike any other arms race in history because it is frictionless. For example, it took 3 days for Stuxnet to be reverse-engineered, reproduced, and propagated. It taught everybody how to attack a SCADA system. It has also given rise to the private cyber arms manufacturer – people who build cyber-attack capabilities and sell them on the black market.
  • Personnel training to avoid risky behavior is the most important element of cybersecurity. NSA statistics show that 80 percent of exploitable vulnerabilities are a result of poor cyber hygiene. The other 20 percent is the APT.
  • Social engineering is a growing threat because, among other things, it gives the attackers a deeper understanding of how users and organizations behave, respond and think.
  • Growing cyber threats in the aviation sector target in-flight operations, ground support operations, air traffic management systems, etc.
 
Cloud Computing Security – Key Challenges
  • Some agencies are moving to cloud services because of financial constraints, knowing of security risks and hoping security will follow soon afterward.
  • Some key challenges in effectively implementing Cloud include:
    • Contract structuring: How do you structure a contract offering when you don’t own the asset? How do agencies (GSA, etc.) effectively strengthen cloud acquisition policy and build security into SLAs?
    • Clearance: what types of clearance levels are needed for people around the world who are supporting agencies or have access to their data, but are not necessarily part of a secure sector? Information sharing on threats, etc. is sensitive.
    • Incident response: When there is an incident, who do I call? The Cloud Service Provider (CSP) or the agency? In practice, the answer has to be written into the contract and SLA before an incident: who notifies whom, within what time, and what logs and evidence the CSP must preserve and hand over.
 
Information Sharing – Culture Change is Needed
  • Information sharing is not an end; it’s a means to an end. In this context, it is needed to gain effective shared situational awareness among stakeholders.
  • One challenge to information sharing stems from a sense of self-preservation. We have a culture of not sharing information, while hackers have a culture of sharing widely.
  • Electricity Sector Information Sharing and Analysis Center (ES-ISAC) – Allows electric providers to share information outside a compliance framework and encourages the free flow of information without the threat of a compliance finding hanging over you. Effective sharing requires freedom from the risk that what you share will be used against you.
  • Cyber Federated Model (CFM) – the warfighter has great command and control (C2) information, and the CFM intends to enable C2 for cyber indicator information. For example, an indicator of an infected site is submitted to the CFM, and within a few minutes all other sites within the CFM receive it. Some sites have automated updates, and the information sharer gets to control with whom they share.
  • One key to effective sharing is the ability to do it securely, i.e. share with assurance. Also, data must be anonymized before it is shared, especially if the data is classified, sensitive or contains private information. Sensitive but unclassified information will need a cooperative agreement between government and industry to set the boundaries for what each can do with the information they receive.
  • Automated information sharing should focus on machine-readable threat indicators to automate data flow and get people out of the loop where possible. Currently, high-priority threat-level information is XML-based, but going forward organizations will need more visual analytics.
 
SCADA Systems – Unanticipated Vulnerabilities
  • SCADA (supervisory control and data acquisition) systems and other industrial control systems (ICS) were never designed for networking, but they have been networked extensively. So we are now building monitoring capabilities in an attempt to detect and defend against attacks on systems that were never designed to withstand such attacks.
  • Attacks like Stuxnet and Shamoon targeted energy-sector organizations and drew attention to SCADA system vulnerabilities. The two differ in an important way: Stuxnet manipulated the programmable logic controllers of an enrichment plant, whereas Shamoon was a disk-wiping attack on the corporate IT network of Saudi Aramco, not on its control systems. Both illustrate that the IT and control networks of an energy company are now part of the same attack surface.
  • The patching treadmill – These control systems were never designed to be patched and/or shut down regularly. Applying a patch can mean an entire plant must be shut down, with the potential for unforeseen domino effects, supply interruptions and other complexities.
  • Different organizations and unrelated sectors currently have different architectures and protocols for collecting and sharing threat information. What is needed is a common open-standards XML schema to communicate attacks in industrial control and other systems.
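The Information Sharing bullets above (anonymize before sharing, let the sharer control who receives an indicator, keep the format machine-readable) and the call here for a common XML schema to communicate attacks describe a workflow but not a format. The following is an added Python example written for this page; it is not code from the symposium, the CFM, ES-ISAC or any real schema. The `indicator_feed` XML layout, the organization names, the keyed-hash salt and the sample indicators are all constructed assumptions. It shows one sharer-side release step: parse the feed, strip the source organization's identity and internal addresses, and emit only the indicators that the sharer marked for a given recipient.

```python
"""
Added example: sharer-side release of machine-readable threat indicators.

The <indicator_feed> / <indicator> / <source> / <observable> / <share_with>
layout is a hypothetical stand-in for a common XML schema, not a real standard.
SAMPLE_FEED is constructed sample data, not a captured feed.
"""
import hashlib
import ipaddress
import xml.etree.ElementTree as ET

SAMPLE_FEED = """<?xml version="1.0"?>
<indicator_feed>
  <indicator id="1">
    <source org="Utility-A" contact="soc@utility-a.example" />
    <observable type="ip">198.51.100.23</observable>
    <observable type="ip">10.20.30.40</observable>
    <observable type="domain">c2.bad.example</observable>
    <description>Beaconing from historian host HIST-01 to c2.bad.example</description>
    <share_with>ISAC-Energy</share_with>
    <share_with>Utility-B</share_with>
  </indicator>
  <indicator id="2">
    <source org="Utility-A" contact="soc@utility-a.example" />
    <observable type="hash">d41d8cd98f00b204e9800998ecf8427e</observable>
    <share_with>Utility-B</share_with>
  </indicator>
</indicator_feed>
"""

# Assumed: a secret agreed out of band by the sharing community, so recipients
# can correlate reports from the same (unnamed) organization but not name it.
SALT = b"per-sharing-community-secret"

# RFC 1918 ranges: addresses here describe the sharer's topology, not the attacker.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def pseudonym(org: str) -> str:
    """Stable keyed pseudonym for an organization name."""
    return "org-" + hashlib.sha256(SALT + org.encode()).hexdigest()[:12]


def is_internal(ip: str) -> bool:
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in RFC1918)


def anonymize(indicator: ET.Element) -> ET.Element:
    """Copy an indicator with source identity and internal details removed."""
    out = ET.Element("indicator", id=indicator.get("id"))
    src = indicator.find("source")
    # pseudonymous org only; the contact attribute is deliberately not copied
    ET.SubElement(out, "source", org=pseudonym(src.get("org")))
    for obs in indicator.findall("observable"):
        kind, value = obs.get("type"), obs.text.strip()
        if kind == "ip" and is_internal(value):
            continue  # private address: useless to others, leaks the sharer's network
        ET.SubElement(out, "observable", type=kind).text = value
    if indicator.find("description") is not None:
        # free text tends to carry hostnames and internal names; replace it
        ET.SubElement(out, "description").text = "[redacted by sharer]"
    for sw in indicator.findall("share_with"):
        ET.SubElement(out, "share_with").text = sw.text.strip()
    return out


def build_release(feed_xml: str, recipient: str) -> ET.Element:
    """Anonymized feed holding only indicators the sharer marked for recipient."""
    root = ET.fromstring(feed_xml)
    release = ET.Element("indicator_feed", recipient=recipient)
    for ind in root.findall("indicator"):
        allowed = {sw.text.strip() for sw in ind.findall("share_with")}
        if recipient in allowed:
            release.append(anonymize(ind))
    return release


def release_summary(feed_xml: str, recipient: str) -> dict:
    """Flat view of a release, convenient for checking what actually leaves."""
    rel = build_release(feed_xml, recipient)
    inds = rel.findall("indicator")
    return {
        "ids": [i.get("id") for i in inds],
        "observables": [o.text for i in inds for o in i.findall("observable")],
        "orgs": sorted({i.find("source").get("org") for i in inds}),
        "has_contact": any("contact" in i.find("source").attrib for i in inds),
    }


if __name__ == "__main__":
    print(ET.tostring(build_release(SAMPLE_FEED, "ISAC-Energy"), encoding="unicode"))
```

The design choice worth noting is the keyed pseudonym: a plain hash of the organization name could be reversed by anyone with a member list, while a community salt keeps the mapping stable for correlation but opaque to outsiders. Dropping RFC 1918 addresses and free-text descriptions is the minimum; a real release step would also review hostnames embedded in domains and hashes of internal documents.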
 
Regulation Versus Collaboration
  • There is not currently a consensus on how to proceed with administering cyber- and critical infrastructure protections, with significant polarization existing between competing regulatory/compliance and collaboration/incentive approaches. 
  • Comprehensive legislation (Lieberman-Collins, and others) that failed in the Senate included new and expanded regulatory and compliance elements over the private infrastructure community.
  • Some industries, like nuclear energy, have very mature regulatory environments and some assert that the success in this area is an example of positive regulation that should serve as a prototype for other infrastructure industries.
  • Public-private partnerships are essential. The Critical Infrastructure Partnership Advisory Council (CIPAC) and HSPD-7 were the predecessors to the latest Executive Order (EO 13636) and Presidential Policy Directive (PPD-21), which superseded HSPD-7.
 
Impact of Budget Limitations
 
Budget constraints multiply the challenges that disparate critical infrastructure sectors and federal agencies face as they look to secure their assets and protect their information. This is driving some federal agencies to look to shared services to establish a common security approach and leverage their collective buying power. 
 
As for the current budget sequestration, several government representatives at the symposium noted that they had been fortunate so far, with the greatest impact being restricted travel budgets for speaking and outreach. (They were based here in D.C.) But they could still travel to perform their site assessments as needed. We will see how ongoing budget constraints shape cyber and infrastructure protection plans going forward.
 
---
Originally published for Federal Industry Analysis: Analysts Perspectives Blog. Stay ahead of the competition by discovering more about GovWin FIA. Follow me on Twitter @GovWinSlye.

NASA SEWP V Extends Performance Period, Raises Contract Ceiling-Value

Earlier this month, the National Aeronautics and Space Administration (NASA) released the eagerly anticipated draft solicitation for the follow-on to its Solutions for Enterprise-Wide Procurement (SEWP). This competitive procurement will provide information technology and audio visual products as well as product-based services. Industry comments on the draft document are due by May 3, 2013. The final solicitation is expected to be released this summer, on or around June 24, 2013.

Following release of the SEWP V draft RFP, NASA hosted an industry event on March 11, 2013 to field questions from industry and to discuss changes from the current version of the contract. Among the changes noted are the number of competition groups, performance period and ceiling values. The performance period for the contract has increased to 10 years, and the ceiling value has risen to twenty billion dollars. At the same time, the number of competition Groups is being reduced (to the four shown below for SEWP V), a move that’s expected to reduce the costs to both industry and government.

 

In another change from previous versions, the draft references the impact of cloud computing on the SEWP V offerings. One industry attendee noted that there was only a single cloud service offering made available through SEWP (Virtual Storage Technology). Thus, it was suggested that the Categories be expanded to include a Group covering the full set of cloud computing resources, including virtual machines, virtual storage, virtual networks, virtual databases, virtual data warehouses, etc. A few points from the Statement of Work were highlighted in response to this suggestion: All Groups are to have the same scope of products available under them. Cloud computing offerings would fall under the “breadth and depth offerings that can be proposed as available components” by vendors in all Groups. At this time, there is no plan to increase the number or types of competition Groups.
As we explored previously, the SEWP contracts are utilized by all Federal Agencies. The 70 federal agencies, boards and organizations using the SEWP Governmentwide Acquisition Contracts (GWACs) generate around 25,000 orders annually. At around $90,000 per order, the contract vehicle has averaged $2 billion in reported spending each year for the past three years. Moving forward, NASA plans to fully track orders through SEWP V. This data will help agencies understand their buying patterns, primarily in support of strategic sourcing. A cross-agency priority goal for strategic sourcing in both 2013 and 2014 aims to achieve a 10 percent savings by reducing the costs of acquiring common products and services. As budget pressure continues, agencies will look to further centralize buying through inter-agency strategic sourcing vehicles and establish cost-effective spending patterns. For vendors, securing a place on these strategic contracting vehicles will become increasingly important to maintaining market share.

For more information on SEWP V, visit the GovWin Opportunity Report.

Originally published for Federal Industry Analysis: Analysts Perspectives Blog. Stay ahead of the competition by discovering more about GovWin IQ. Follow on twitter @FIAGovWin.
