GovWin
B2G is moving!
Blogs posted after May 22, 2015 will be located on Deltek's central blog page at www.deltek.com/blog.
Just select the "B2G Essentials" blog to continue to receive this valuable content.
Top Information Security Contracts FY 2009 to 2014

Analysis of historic federal information security spending reveals where agencies are investing the most.

Methodology

As part of the research and analysis completed for the recent Federal Information Security Market, 2014 to 2019 report, the Federal Industry Analysis Team explored reported spending on information security across the government. Historic spending data was collected using a non-definitive selection of 24 information security related keyword searches on FPDS.gov. The resulting 224,297 contracts were culled down to 33,233 through further analysis. This analysis reviewed the initial set for IT-related product or spending (PSC) codes, duplicate entries, and as well as security related contract descriptions.

 

The report includes findings from the over 33,000 contracts, which provide an approximate baseline total contracted value for security contract awards that can be used to assess the overall size and composition of historical federal information security spending from FY 2009 to FY 2014. The discussion in this blog addresses findings associated with the top 50 contracts from that set.

Findings

The top 50 contracts spread nearly $1.4 billion in funds across 11 different federal agencies.

Conclusions

Over the past five years, agency top contracts have provided security related products and services including compliance with security mandates (e.g. HSPD-12), encryption devices, enterprise identity management, and technology support services. While some of these awards are through stand-alone contracts or dedicated security programs, a number are associated with agency preferred contract vehicles. Going forward, agencies aiming to implement enterprise solutions or streamline costs are likely to continue leveraging existing channels to address security capabilities.

 

----------------------------------

Originally published in the GovWin FIA Analysts Perspectives Blog. Follow me on Twitter @FIAGovWin.

FY 2015 National Defense Authorization Act (NDAA) Set to Pass

The National Defense Authorization Act (NDAA) for Fiscal Year 2015 has crossed a major hurdle to passage before the end of the calendar year as a House-Senate compromise bill has emerged. The final bill has implications for information technology acquisition and management at the Pentagon and beyond.

The legislation is a combination of two bills that each passed last May: HR 4435, which passed the full House, and S 2410, which passed in the Senate Armed Services Committee. As is typical, this year’s NDAA goes well beyond funding of national defense operations to include organizational and acquisition reform efforts and information technology priorities. Below is an overview of the high points of the bill.

Overview

  • Authorizes $521.3 billion in base discretionary defense spending and an additional $63.7 billion for Overseas Contingency Operations (OCO), reflecting the President’s initial request of $58.6 billion and the additional request of $5.1 billion to primarily cover counter-ISIL operations. The FY ‘15 NDAA is $48.0 billion less than the enacted FY ‘14 NDAA.
  • Does not reflect a proposed BRAC round as requested by the Administration, citing concerns that previous rounds did not yield the promised savings but rather imposed large up-front costs only to shift property between federal agencies. The current flux of military size and structure is also cited as a reason to postpone a BRAC round.
  • Selectively supports some White House proposals – like limited compensation increases for military personnel, including a for a pay freeze for General and Flag Officers – while adjusting others – like replacing a 5% reduction in basic allowance for housing (BAH) with a 1% decrease. This NDAA also blocks retirement of the A-10 aircraft, but provides for some reprogramming of those funds to higher priorities if needed.

Reform Efforts

  • Restores the Office of Net Assessment (ONA) to an independent status, reporting directly to the Secretary of Defense, and increases the ONA budget for FY ‘15 by $10 million to $18.9 million
  • Directs the SECDEF to report on the feasibility of reducing or consolidating combatant command functions by FY20 and a plan to implement a periodic review and analysis of management headquarters. This NDAA would also task GAO with assessing the DoD’s headquarter reduction efforts as part of GAO’s previous work assessing HQ growth.
  • Directs the Under Secretary for Acquisition, Technology, and Logistics, (USD (AT&L)) and senior acquisition executives for the Navy and the Air Force to issue DoD-wide policies implementing a standard checklist to be completed before issuing a solicitation for any new contract for services or exercising an option under an existing services contract. The FY ‘08 NDAA established an annual services contracts inventory requirement that DoD has yet to fully implement.
  • As a cost-control mechanism, the bill requires the Comptroller General to conduct a review of cases in which an acquisition program office believes that the Director of Operational Test and Evaluation has required testing above the required test plan.
  • Directs the SECDEF to provide the congressional defense committees with frequent reports on DoD’s damage assessment resulting from unauthorized disclosures of classified information and steps the Department is taking to mitigate the damage.
  • Provides for an overhaul of the Quadrennial Defense Review (QDR) process to produce a new Defense Strategy Review that is more long-term and strategic in nature and a more useful oversight tool.

Information Technology and Cyber Operations

  • Directs the President to maintain a list of nation-states or individuals that engage in economic or industrial espionage using cyber tools, and allows for the President to impose sanctions on such individuals or nation-states
  • Directs the SECDEF to designate an executive agency for cyber test ranges and another for cyber training ranges to better coordinate and resource each
  • Requires the development of a Major Force Program for cyber to better account for the budgeting and resourcing of cyber operations capabilities
  • Requires mandatory reporting on penetrations of operationally critical contractor networks
  • Requires the development and implementation of operational metrics for the performance of the Joint Information Environment (JIE)
  • Implements the Federal Information Technology Reform Act (FITARA) that has stalled and been removed from last year’s NDAA, according to Nextgov. FITARA will give additional budgetary and management authorities to agency CIOs, although no so much in the DoD. Nextgov also notes that the NDAA also supports federal data center consolidation efforts, the DoD’s move to cloud computing, and a plan to expand the use special IT acquisition experts.

While the final bill still needs to pass both the full House and Senate and be signed by the president, the FITARA provisions should not be a major reason for a presidential veto, according to a Federal News Radio interview with some members of Congress.  

---
Originally published for Federal Industry Analysis: Analysts Perspectives Blog. Stay ahead of the competition by discovering more about 
GovWin FIA. Follow me on Twitter @GovWinSlye.

 

Is DOD Changing Its Approach to a Common Data System?

A key roadblock for defense contract inventory efforts revolves around the dearth of accurate and reliable data. This hindrance is linked to unresolved issues with implementation of the planned common data system. A review launched in September 2014 aims to identify and develop data collection approaches, sparking questions as to whether the DOD will abandon plans to implement a common data system modelled  after the Army’s.

In November 2011, the DOD released a plan to develop a common technology solution to compile and review its inventory of contracted services. This plan leveraged existing data collection approaches, like the Army’s Contractor Manpower Reporting Application (CMRA). The DOD plan outlined objectives for meeting inventory requirements in both the short and long term. The long range elements of the plan included comprehensive guidance for components for the development, review, and use of the contracting inventories. It also provided for the formation of a working group to develop and implement a common data system for collecting and housing the information required for the inventory, including contractor manpower data. Although the plan did not include a detailed timeline or required resources, DOD expected this data system to be operational and for defense components to be reporting on their service contracts by FY 2016.

Varying requirements across the military departments and agencies have posed a challenge for developing a common data system. In September 2013, DOD fielded a system to support DOD components. Like the ones fielded for the Air Force and Navy, this system was also based on the Army’s CMRA. Each of the four CMRA systems is accessible via the Enterprise wide Contractor Manpower Reporting Application, which provides a common webpage. The four systems, however, are independent of one another with their own interface and separate log-ins. Currently, the department is evaluating business processes and guidance needed to standardize the approach to collecting and using inventory data.

Another factor that officials have called out as a hurdle in these efforts is the lack of dedicated resources and business processes to support the development and implementation. While the Army’s program has seen a rise in funding over the past few years, this has been entirely under operations and maintenance work. In FY 2013, the Army’s CMRA received $0.411 million in operations and maintenance. That figure rose to $0.879 million in FY 2014. The requested funding level for FY 2015 is just over half a percent higher at $0.884 million. The move to a common approach for data collection and reporting would likely require resources for development, modernization, and enhancement. For the Army, that would be either modest amounts to make minor adjustments to align with the rest of the DOD, or it would need to be a sum large enough to support a major overhaul. Results from the DOD’s September 2014 review are expected to be reported in December 2014.

----------------------------------

Originally published in the GovWin FIA Analysts Perspectives Blog. Follow me on Twitter @FIAGovWin.

 

DOD Publicly Releases Joint Cyber Doctrine

Last month, Defense Department publicly released the joint cyber doctrine that was first issued in March 2013. The document sheds light on the policies and strategic direction shaping the joint Defense cyberspace operations information security activities. The document provides definitions of the roles and authorities across the Defense Department as well as outlining the roles of other organizations responsible for the nation’s cybersecurity, like the Department of Homeland Security and the Department of Justice.

As the document details, the Joint doctrine “applies to the Joint Staff, commanders of combatant commands, subordinate unified commands, joint task forces, subordinate components of these commands, and the Services.” This document takes precedence over any service level doctrines.

While some media coverage has noted the mentions of offensive capabilities, the definitions and discussion of capabilities in the public version remain at a high level. The doctrine offers three categories of cyberspace operations: offensive, defensive, and Department of Defense Information Network (DODIN).

CO missions are categorized as offensive cyberspace operations (OCO), defensive cyberspace operations (DCO), and DODIN based on their intent. OCO are CO intended to project power by the application of force in and through cyberspace. DCO are CO intended to defend DOD or other friendly cyberspace. DODIN operations are actions taken to design, build, configure, secure, operate, maintain, and sustain DOD communications systems and networks in a way that creates and preserves data availability, integrity, confidentiality, as well as user/entity authentication and non-repudiation.

The view addresses the varying types of activities (offensive, defensive, and infrastructure-related) as well as describing the operational environment and government roles within cyberspace. The military increasingly relies on cyberspace for command and control capabilities and also for logistics functions supported  by non-defense networks. The outline of organizational structures in the document help to illustrate the connections and  relationships within cyberspace.

For vendors, these details may be useful as the Defense Department targets moving towards shared services for information security solutions. It is important for contractors to understand that “Forces conducting CO may simultaneously support multiple users” and which organizations those users may represent. In terms of identifying potential solutions that meet operational requirements, anticipating this interplay between agencies and commands will require extensive coordination, planning, and early integration of requirements.

Although this publication provides broad perspective on the government’s operations in cyberspace, business opportunities with the Defense Department will continue to revolve around defensive capabilities, infrastructure enhancements, communications and network services, and professional services like training.

----------------------------------

Originally published in the GovWin FIA Analysts Perspectives Blog. Follow me on Twitter @FIAGovWin.

 

Emerging Trends in Defense Cloud Computing

Interesting developments have abounded in defense cloud computing in the last few weeks.  These developments promise to provide industry partners with multiple business opportunities in the coming year and beyond.  Here is some of what to expect in fiscal 2015, in case any of these trends have not pinged your radar yet.

To begin with, acting DoD CIO Terry Halverson's recent decision to give the Military Departments greater authority to acquire commercial cloud solutions should open the door to faster defense cloud adoption. In the near term I would expect this change of direction to generate some chaos as the MILDEPS piece together cloud adoption strategies.  Remember, since fiscal 2012 the Military Departments and other DoD components have been instructed to follow the lead of the Defense Information Systems Agency when it comes to using commercial cloud solutions.  Presumably this directive has had the effect of slowing the evolution of market research and understanding among the MILDEPs as it pertains to cloud computing.  MILDEP personnel and commanders therefore probably have some ground to make up.  They will do this in 2015.  Long term, the decision to decentralize cloud procurement in DoD should translate into much greater business opportunities across the department.

Cloud activity at DoD is currently taking place on many levels, but three areas in particular bear watching:

Cloud Brokerages – A small handful of cloud brokerages have been stood up across the DoD so far.  I suggest vendors focus on brokers because they are where the bulk of cloud procurement activity is likely to take place.  The two brokerages operating in the MILDEPs are at the Army’s Program Executive Office Enterprise Information Systems in Fort Belvoir, Virginia, and at the Navy’s SPAWAR Atlantic.  DISA has of course also established a cloud brokerage.  Other DoD components and the Air Force have not publicly stated their cloud strategies, suggesting that for the time being they will work with DISA’s brokerage.  How this plays out remains to be seen.  For its part, Army has suggested EIS’ brokerage will be the central organization in Army for determining the migration of apps to commercial clouds.  EIS will act as the procurement activity with Army Network Enterprise Technology Command overseeing the technical work.  Keeping track of activity at PEO EIS and NETCOM will be critical.  Activity at SPAWAR Atlantic is also increasing but the Navy’s cloud efforts appear to be more decentralized than Army.  Therefore, keep a close eye on SPAWAR, but cast a wider net across Navy too.

Cloud Tactical Use – Operationalizing the cloud for mission purposes and use on the battlefield continues to be the DoD’s biggest challenge.  Army work in this area continues to be focused in the Distributed Common Ground System – Army (DCGS-A) program, while the Navy is conducting research and development on a tactical cloud system for big data.  This work is being done at the Office of Naval Research.  To my knowledge, Air Force tactical/mission cloud efforts are also currently centered on research and development work being directed by the Air Force Research Laboratory.

Cloud Service Provider Integration – Despite its changed role, DISA continues to pursue several cloud initiatives, making it a center of cloud activity at the DoD.  For example, the agency is investigating ways to utilize commercial cloud software and infrastructure.  Recent market research reveals the models DISA is interested in are either locating commercial hardware in DoD data centers and/or using containerized commercial clouds.  Both avenues should provide business opportunity given DoD security demands can be met and vendors can develop applicable solutions.

For the most detailed information and data on the status of the federal cloud computing market see FIA’s new report Federal Update: Cloud, Data Center, Big Data, and Mobility, 2014-2019

TTC’s Big Data for Defense Symposium Offers Insight into Air Force and Army Programs

It’s become a sure sign of autumn for me when the Technology Training Corporation’s annual big data for defense and homeland security symposium rolls around in September.  TTC always manages to get top-notch speakers from both government and industry and this year’s symposium was no exception.  The event takes up two days and is hosted at the Holiday Inn in Rosslyn, VA.  These notes and comments provide a couple of highlights from the symposium.

Jeff Eggers, Chief Technology Officer in the Office of the Deputy Chief of Staff for Intelligence, Surveillance and Reconnaissance of the US Air Force (AF/A2D) began by providing an excellent overview of the Air Force’s recent efforts to enable the use of big data analytics in operational/tactical environments.  Stating up front that the Air Force is reviewing big data concepts and methods to dramatically change the way it processes and uses sensor intelligence, Eggers assured the audience that the goal of Air Force efforts is standardizing sensor data feeds to make all data discoverable.  The standardized data will pass through automated tools and go to so-called “all source” analysts for the first stage of analysis before it is distributed to warfighters for use on the operational level.  An example of such use would be identifying targets for precision fires.

Processing data quickly, however, is the key to making it usable.  To that end the Air Force is dedicating funds to implement what it calls Sensing-as-a-Service.  SensaaS is the concept of making all data from multiple sensors available via a single delivery platform.  The sensors are embedded in a system of systems, like the Distributed Common Ground System-Air Force, and the data and analysis would be made available to users as a web-based service or via a battlespace network.  SensaaS is currently in the research and development stage, but Eggers’ says he’s been assured the concept is workable.  From an industry perspective this suggests that additional investment is coming from the Air Force to field a proof of concept prototype.  Such an approach would be consistent with defense acquisition initiatives to make greater use of prototyping in procurement phases.

Lisa Shaler-Clark, the Deputy Director in Program Manager – Futures at Army Intelligence and Security Command (INSCOM), followed Mr. Eggers later in the morning with some fascinating comments on work being done to integrate Army intelligence with the Intelligence Community’s IC IT Enterprise, or ICITE program.  Shaler-Clark noted that Army INSCOM has made great strides moving data from stovepiped systems into an enterprise data warehouse.  This warehouse provides analysts with vastly improved data access, but it has also created a deluge of data for them to deal with.  The solution to that problem for INSCOM has been to host a Hadoop-based cloud analytics system to parse the data.  The data is tagged in multiple ways and then made available for analysis via a number of automated tools.  Data is also integrated into the ICITE and INSCOM is leveraging the NSA’s cloud for additional storage.

Finally, from the sound of what’s happening there, INSCOM is one of those places you’ll need to visit if your company sells analytics capabilities.  Be aware, though, that Shaler-Clark’s office isn’t interested in capabilities that duplicate what they already have.  They want new capabilities that enable them to do what they cannot already do today.

TTC is planning to follow up this symposium in November with its first conference on the Internet of Things.  This conference, Internet of Things for Defense and National Security, will be held on November 13-14 in Arlington, Virginia.  The line-up of speakers that I've seen so far looks very interesting.  Hope to see you there.

 

 

Federal Busy Season – Which Agencies are Ramping Up to Spend in September?

August is here and that puts us right at the mid-point of the fourth and final quarter of the fiscal year – the federal “busy season.” But that doesn’t mean that half of this business is already accounted for. In fact, historical spending trends suggest that things are just ramping up for its climax in September and several agencies will have billions of dollars to spend on IT before they face expiring funds.

Recently, I showed how federal agency spending trends in Q4 accounted for an average of 39% of agency contracted IT spending for the year, translating into an average of $30 billion in IT products and services contracted during the fourth quarter. Yet, the spending is even more concentrated than that. Upon further analysis, we can see that federal contract spending is disproportionately large in September, the final month of the fiscal year. Agencies obligate 18% of their total contract dollars across all goods and services and 23% of their yearly contracted information technology spending in September alone. That works out to nearly 60% of Q4 IT contract spending and means that about $17.3 billion in IT is likely to be contracted in the month of September.

Twenty five federal departments and agencies account for about 99% of this IT spending. So which of these biggest spending departments and agencies will have the largest percentage of their IT dollars likely to go out next month? See the chart below.


Twelve of the 25 highest spending departments – roughly half – will obligate 25% or more of their FY 2014 IT contract dollars in September, based on a 5-year average. State and AID will obligate more than a third!  The FY 2009-2013 average September contract spending for these 12 agencies is provided below.


Again, we are looking at an average of over $17 billion in IT spending at these agencies in September. Not all of these funds will necessarily expire at the end of the fiscal year, but the historical spending data averaged over the last five years still supports the trend that these agencies will spend at or near these levels, as it reflects some of the spending impacts of recent trends like shifting and tightening budgets, program delays, and sequestration.

---
Originally published in the GovWin FIA Analysts Perspectives Blog. Follow me on Twitter @GovWinSlye.

Federal Fourth Quarter FY 2014, Part 2 – $30B in IT Contracts Likely

The last two months of fiscal year (FY) 2014 are nearly upon us and that puts us on the cusp of the height of the 4th quarter (Q4) “federal IT busy season.” Even with several disruptions that have marked the first half of FY 2014, agencies do have budgets in place and are spending. If historical averages hold, several agencies will spend more than 50% of their FY 2014 contracted IT dollars in Q4.

Last week, I looked at potential total fourth quarter spending for the top 25 departments and agencies across all categories of contracted products and services, based on their reported historical contracted spending over the last several years. This week, I will focus on the Information Technology (IT) category in a similar fashion. (See last week’s entry for more detail on my approach.)

From FY 2009-2013 federal departments reported spending an average of 32% of their yearly contract dollars in the fourth quarter across all spending categories. However, the percentage of Q4 IT contract spending was 39% among the same departments for that period. Agencies tend to buy more of their IT in Q4 compared to other products and services, on average. Translating that into dollars, over the last five fiscal years federal agencies spent an average aggregate of nearly $30 billion on IT hardware, software, and services in Q4 alone. This is the case based on historical spending data, even in the era of sequestration and other budget constraints.

Which departments are the best targets for a firm’s Q4 IT capture efforts? Over the last five fiscal years the following 25 departments or agencies reported the largest overall contracted IT spending and make up 99% of the federal market. The chart below shows their average contracted IT spending in Q4 over the last five years.


Sixteen of the 25 top-spending departments will spend an average of 40% or more of their yearly contracted IT dollars in Q4 (and several more departments are not far behind in percentage points.) Those 16 departments account for an average of $20 billion in combined Q4 IT contracts from FY 2009-2013.

Three departments or agencies historically obligate more than half of their yearly IT contract dollars in the final fiscal quarter: AID (55%), State (56%) and HUD (70%).  Their 5-year average Q4 IT contracted spending is:

  • AID = $141.5 million
  • State = $690.5 million
  • HUD = $181.9 million

Not far behind, the departments that spend between 45% and 48% of their yearly IT contract dollars in Q4 – like HHS, DOJ, SSA, Energy, and DOI – tend to have even larger IT budgets. These five departments account for a combined average of $3.2 billion in Q4 IT contracts over the last 5 fiscal years.

Much of these contract dollars will flow to commodity IT products like software and peripherals, but significant dollars will also go toward IT services. Proposals that were submitted weeks or months ago may come back to the foreground for potential action and companies that can quickly turn around competitive quotes for their federal customers may have a chance at stealing business from incumbents. 

With FY 2014 getting a bit of a slow start due to delayed budgets and agency shutdowns, the rebounding we are seeing in the second half of the year may result in a record-breaking Q4. We will have to wait and see.

---
Originally published in the GovWin FIA Analysts Perspectives Blog. Follow me on Twitter @GovWinSlye.

 

Federal Fourth Quarter FY 2014 – Who’s Got the Money?

It’s that time of year again in the federal contracting world – the final quarter of the fiscal year, i.e. the Q4 “busy season.” After a rocky start to FY 2014, marked by budget impasses, shutdowns, continuing resolutions and sequestration, contracted spending appears to be catching up and may be on track for a record fourth quarter. Some federal departments will spend more than 40% of their contract dollars in the next few weeks.  

Due to the topsy-turvy environment over the last few years taking a bit of a historical perspective on spending may help to get a sense of what is likely in store for this Q4. According to their FPDS reported contracted spending over the last seven years, federal departments spent an average of 43.4% of their yearly discretionary budgets with contractors. Applying that percentage to the enacted FY 2014 discretionary budget of $1.127 trillion means over $489 billion in contract spending would be spent in all of FY 2014. Further, from FY 2009-2013 federal departments reported spending about 32% of their yearly contract dollars in the fourth quarter. That means more than $156 billion of FY 2014 contracted spending is likely to be obligated in the last 12 weeks of the fiscal year. Given a slow start in Q1, the actual Q4 amount could be billions higher as agencies work to catch up.

So which departments and agencies are most likely to have big money to spend between now and the end of September?  Looking at total contract obligations over the last five fiscal years, the following 25 departments reported the largest overall contracted spending and make up 99% of the market. The chart below shows their average contracted spending in Q4.

Eight of the largest departments on average spend at least 40% of their contract dollars in the last fiscal quarter and the State Department averages nearly 60%. In average dollar amounts, the Army, Navy, Air Force and DoD will have the most to obligate. From the civilian side HHS, VA, DHS, Energy, and State will be the biggest Q4 spenders.

Contractors need to be well-prepared to meet the needs of their federal customers to effectively and efficiently get these contract needs met by being highly responsive and by providing compelling proposals and bids. The dollars will flow, but where they go may be still up for grabs.


---

Originally published in the GovWin FIA Analysts Perspectives Blog. Follow me on Twitter @GovWinSlye.

 

Capacity on Demand: The Next Phase of Defense Cloud Adoption?

If one thing has become clear over the last few months concerning the Department of Defense’s plan to use commercial cloud services, it is that Infrastructure-as-a-Service (IaaS) providers will have more near-term business opportunities available to them than any other type of provider.  The DoD may seek out specific kinds of applications offered by commercial partners on a Software-as-a-Service (SaaS) basis (think analytics, cyber security, unified communications, network management, etc.), but the evidence points to infrastructure providers deriving the highest demand and earning the highest profits.

The evidence I refer to is pretty straightforward.

First, the DoD is awash in duplicative applications.  The Army alone, according to Doug Wiltsie, the Army’s Program Executive Officer Enterprise Information Systems, has as many as 25,000 applications that must be de-duplicated, decommissioned, and migrated to the DoD Core Data Centers provided by the Defense Information Systems Agency (DISA).  The situation is similar in the Air Force, with as many as 8,000 apps in need of rationalization, and Navy, which seeks to cut its 7,000 applications in half.  That’s 40,000 applications the DoD has, not counting other defense agencies.  You can see why buying new apps is not a priority for the department.

Second, so far DISA’s Enterprise Cloud Broker Program Management Office has approved Amazon Web Services, CGI Federal, and Autonomic Resources to run cloud services for DoD customers.  Unless I am mistaken, all of these are cloud hosting vendors that provide massive computing and storage infrastructure.

Third, and finally, one of the major thrusts behind the establishment of the Joint Information Environment is to remove throughput limits as a roadblock.  Eliminating bandwidth constraints goes hand-in-hand with using commercial services for capacity on demand, since greater bandwidth enables expanded use of enterprise services, including analytics, and greater ability to “surge” data across the network as it is required.  To again cite comments recently made by PEO EIS Wiltsie, the Army requires commercial capacity enhancement for a number of purposes, including end of year auditing activities related to Enterprise Resource Planning programs and to reduce costs that the Army is currently passing on to DISA.

Given the evidence above it seems likely a veritable tidal wave of DoD requirements for commercial IaaS services is on the way.  As always, it is useful to watch what Army’s PEO EIS does, as well as what its leadership says.  In first quarter of this fiscal year, EIS released market research requesting industry feedback on, you guessed it, Information Technology Capacity on Demand (ICOD).  The ICOD RFI sought to “identify potential sources capable of providing a capacity processing infrastructure / solution required to deliver on-demand IT capacity for a variety of application and processing environments.”  Information gathered from the ICOD RFI will probably be used to establish a baseline understanding of the commercial landscape; call it creating a “stable” of potential commercial partners, if you’d like.

As the number of cloud services providers receiving FedRAMP and DISA Cloud PMO ATOs increases, the likelihood that Requests for Proposals related to application migration and hosting services for DoD will also grow.  DoD use of DISA’s milCloud solution will have to grow first, however, and reach a mass critical enough for DoD customers to confidently use commercial partners.  By critical mass I mean enabling Defense applications for the cloud using DISA’s Orchestrator tool.  Once DISA has proven that apps migrated to the cloud are on a cloud footing, expect them to flood back out into the waiting arms of approved commercial providers.

In effect, DISA is acting as the DoD’s cloud gatekeeper and way-station for putting Defense applications on a cloud footing.  Engineering applications to function in a cloud environment is essential for protecting the data they handle.  DISA will do this via its automated solution, determine the data impact level the data falls under, and then use one acquisition vehicle or another to farm out management of the approved, engineered capability to industry.  It’s not a cheap way of doing things, but it does address the DoD’s concerns about data security while also ensuring that the department complies with legislative mandates for it to utilize commercial cloud providers. 

 

More Entries