GovWin
B2G is moving!
Blogs posted after May 22, 2015 will be located on Deltek's central blog page at www.deltek.com/blog.
Just select the "B2G Essentials" blog to continue to receive this valuable content.
GovWin Recon - February 28, 2014

GovWin Recon, produced by Deltek's Federal Industry Analysis (FIA) team, is designed to support awareness and understanding of the issues impacting the government and the contractors that serve it. Recon highlights key developments surrounding government technology, policy, budget and vendor activities.

Headlines beginning with an * include quotes from Deltek analysts. 

 

Federal IT:

Agency News:

Vendor News:

Cybersecurity:

Cloud Computing / Data Center Consolidation / Virtualization:

Health IT:

Big Data / Analytics:

Mobility:

Defense / C4ISR / Embedded Technology:

Contracting / Acquisition:

State and Local:

GovWin Recon is Deltek's daily newsletter highlighting federal government contracting news and analysis from around the government contracting world. Get it delivered to your e-mail inbox, free!

 

 

 

GovWin Recon - February 27, 2014

GovWin Recon, produced by Deltek's Federal Industry Analysis (FIA) team, is designed to support awareness and understanding of the issues impacting the government and the contractors that serve it. Recon highlights key developments surrounding government technology, policy, budget and vendor activities.

Headlines beginning with an * include quotes from Deltek analysts. 

Sequestration / Budget:

Federal IT:

Agency News:

Vendor News:

Health IT:

Big Data / Analytics:

Mobility:

Defense / C4ISR / Embedded Technology:

Contracting / Acquisition:

Legislation:

State and Local:

AEC News:

GovWin Recon is Deltek's daily newsletter highlighting federal government contracting news and analysis from around the government contracting world. Get it delivered to your e-mail inbox, free!

 

 

GovWin Recon - February 26, 2014

GovWin Recon, produced by Deltek's Federal Industry Analysis (FIA) team, is designed to support awareness and understanding of the issues impacting the government and the contractors that serve it. Recon highlights key developments surrounding government technology, policy, budget and vendor activities.

Headlines beginning with an * include quotes from Deltek analysts. 

Sequestration / Budget:

Federal IT:

Agency News:

Vendor News:

Cybersecurity:

Cloud Computing / Data Center Consolidation / Virtualization:

Health IT:

Big Data / Analytics:

Mobility:

Transparency and Performance:

Waste, Fraud and Abuse:

Defense / C4ISR / Embedded Technology:

Contracting / Acquisition:

Legislation:

State and Local:

AEC News:

GovWin Recon is Deltek's daily newsletter highlighting federal government contracting news and analysis from around the government contracting world. Get it delivered to your e-mail inbox, free!

 

 

 

 

 

Balancing Privacy with Efforts to Reduce Fraud and Waste

A key element to being able to identify waste and fraud is data analysis:  the ability to match disparate data sources to spot anomalies or trends.  However, many federal data sets contain data protected by privacy legislation.  Agencies must balance citizen and corporate privacy with efforts to root out waste, fraud and abuse. 

 

According to OMB, improper payment rates continue to decline, dropping from 5.42% in FY2009 to 3.53% in FY2013.  Improper payments occur when funds go to the wrong recipient, payment is made in the wrong amount, documentation is not available to support a payment, or the recipient uses funds in an improper manner. Although OMB hasn’t published the total amount of improper payments to date, using total program spending figures from prior years would position FY2013 improper payments around $100 billion.

 

In January, GAO released a report on the Computer Matching Act which governs privacy when agencies share data sets to ID waste and fraud.  GAO concluded that agencies have taken a number of steps to implement the elements of the act, but implementation across the seven agencies studied has not been consistent and a number of agencies stated that the act’s rigorous requirements and short time frames discouraged them from pursuing computer matching agreements (CMAs) with other agencies.  GAO recommended that OMB revise its guidance and that selected agencies develop and implement policies and procedures for cost-benefit analyses and establish annual reviews and reporting.

 

OMB is responsible for developing guidelines for execution of the Computer Matching Act, while agencies are responsible for implementation to include: 

  • Developing CMAs and notifying OMB, Congress and the public
  • Conducting cost benefit analysis for proposed matching programs
  • Establishing data integrity boards to oversee matching programs

 

All the agencies that GAO reviewed had established at least one CMA, but differed in their understanding of whether CMAs were required for data queries.   SSA had established the most CMAs with a total of 34.  Agencies generally conducted cost benefit analyses, but did not use key elements to determine value of computer matching programs.  OMB has not yet release guidance for development of cost benefit analyses.  Finally, although agency data integrity boards have been established, reporting varies widely.

 

OMB needs to offer further guidance to agencies to foster more consistent implementation of the Computer Matching Act.   Judging from the number of CMAs currently in place for the seven agencies GAO reviewed, there is potential for future CMAs among agencies.  Additional implementation of CMAs and the Computer Matching Act could further assist in decreasing the federal government’s $100 billion in annual improper payments.  The market to reduce waste and fraud remains ripe for contractor support in areas such as data authentication, analytics, predictive modeling, forensic accounting, and fraud case management.

 

GovWin Recon - February 25, 2014

GovWin Recon, produced by Deltek's Federal Industry Analysis (FIA) team, is designed to support awareness and understanding of the issues impacting the government and the contractors that serve it. Recon highlights key developments surrounding government technology, policy, budget and vendor activities.

Headlines beginning with an * include quotes from Deltek analysts. 

Sequestration / Budget:

Federal IT:

Agency News:

Vendor News:

Cloud Computing / Data Center Consolidation / Virtualization:

Health IT:

Big Data / Analytics:

Transparency and Performance:

Waste, Fraud and Abuse:

Defense / C4ISR / Embedded Technology:

Contracting / Acquisition:

Legislation:

State and Local:

GovWin Recon is Deltek's daily newsletter highlighting federal government contracting news and analysis from around the government contracting world. Get it delivered to your e-mail inbox, free!

 

 

Are Feds Struggling to Move to the Cloud?

A report on cloud adoption in the federal government has been getting attention recently.  Entitled The Road Ahead: Three Years after Cloud First, the survey-based report found that since the announcement of former Federal Chief Information Officer Vivek Kundra’s Cloud First initiative in 2011, federal agencies have struggled to implement cloud computing.  As evidence one slide in particular shows that “just ten percent [of agencies] have migrated more than half of their IT portfolio to the cloud.”  Common roadblocks to adoption, survey respondents said, include a lack of staff necessary to execute agency cloud strategies and a lengthy procurement process that hinders cloud adoption.

As someone who keeps a close eye on the federal cloud market, I have to admit I wasn’t surprised by the findings.  The halting nature of agency movement to the cloud has been well documented in my posts and inreports on the federal cloud market published by the Federal Industry Analysis team.  This said, however, the picture of federal cloud adoption presented in The Road Ahead shows several disconnects between the respondents and the available data.

For example, although 49% of survey respondents said they’d moved less than 10% of their IT portfolio to the cloud, 51% of respondents said that they’d moved 11% or more of their agency’s IT portfolio to the cloud.  I found this reassuring.  It tells me that agencies are moving to the cloud as quickly as they feel comfortable making the transition.  Could they move faster?  Of course, but we need to remember who we are talking about here.  Federal agencies operate within a risk-averse environment, but early cloud mandates forced them to move quickly and without well-laid plans.  A measured pace was called for and now that they are approaching cloud on a broader scale they have the opportunity to accelerate adoption.  In addition, it’s worth noting that most agencies don’t have the goal of moving 50% or more of their IT portfolio to the cloud.  In the Federal Cloud Computing Strategy published in 2011, agencies reported that, in aggregate, only 25% of the $80B in OMB-reported IT spending was even appropriate for the cloud.  So, as agencies gather momentum they’ll be able to have more informed conversations about the cloud and this is good news for industry.

Turning to the lack of staff needed to execute cloud strategy, this is a valid concern.  Hiring freezes, retirements, and staffing cuts have had an impact on agency IT operations across the board.  But this isn’t bad news for the market as agencies are turning to vendors for help.  Here at Deltek we classify cloud efforts into several categories.  These include consulting efforts we call “cloud enabling” and “cloud strategy.”  Cloud enabling efforts involve engineering/design to make systems and applications ready for migration to the cloud.  Since FY 2009 approximately 10% of the efforts we’ve identified could be classified as cloud enabling, and this doesn’t count many of the almost 300 other efforts we classify as “pure cloud,” (i.e., actual migrations or purchases of cloud-based capabilities) that include cloud enabling type work.  Add another 21 cloud strategy efforts in which vendors are assisting agencies with developing cloud strategies and what we have is a complex picture of a market in transition.

Survey respondents also mentioned a procurement bottleneck.  Here again there seems to be a disconnect between the survey responses and the data.  Without a doubt the overall IT procurement model leaves a lot to be desired.  However, contracting shops still found ways to award cloud contracts valued at more than $20 billion dollars from FY 2009 to FY 2013.

I am bullish on the prospects for the federal cloud market because the data tells me the market is growing.  To reinforce the point here are a few statistics:
  • To date, 48 agencies have acquired or are actively procuring a cloud service.  Of these 48 agencies 30 have engaged in 3 or more cloud efforts, this includes the Department of Defense and associated Military Departments.
  • 126 cloud efforts have been private cloud deployments, whether in a private government or commercial cloud.  This compares with 85 deployments in commercial clouds and 213 efforts where the deployment type could not be identified.  These statistics reinforce findings in The Road Ahead that agencies are moving mostly to private clouds.
  • Concerning how agencies are using the cloud, five areas stick out in particular:
    • 45 efforts identified have been/are for data center services, basically hosting and computing services.
    • 34 efforts have been/are for software development, essentially development and testing environments.
    • 28 efforts have been/are for email, yet this is primarily what we hear about in the media.
    • 27 efforts are for content and data management, including database hosting, content management systems, archiving, etc.
    • 25 efforts have been for cyber security purposes, including identity access management, network access management, and continuous monitoring.

The future looks bright too.  Deltek’s cloud forecast projects that the federal cloud market will grow almost threefold from $2.2 billion in FY 2014 to $6.15 billion in FY 2018 at a compound annual growth rate (CAGR) of 18%.  Our data shows that agencies are actively engaging industry partners to develop cloud strategies and implement solutions that make even greater use of cloud computing in the future.  Barring any extreme setback like a massive data breach or catastrophic failure of a cloud hosting facility, I’d expect to see agencies accelerate their adoption of cloud solutions.  This can only be good news for industry and agencies alike.

 

GovWin Recon - February 24, 2014

GovWin Recon, produced by Deltek's Federal Industry Analysis (FIA) team, is designed to support awareness and understanding of the issues impacting the government and the contractors that serve it. Recon highlights key developments surrounding government technology, policy, budget and vendor activities.

Headlines beginning with an * include quotes from Deltek analysts. 

Sequestration / Budget:

Federal IT:

Agency News:

Vendor News:

Cybersecurity:

Health IT:

Transparency and Performance:

Defense / C4ISR / Embedded Technology:

Contracting / Acquisition:

Legislation:

Mergers and Acquisitions:

State and Local:

AEC News:

GovWin Recon is Deltek's daily newsletter highlighting federal government contracting news and analysis from around the government contracting world. Get it delivered to your e-mail inbox, free!

 

 

White House Cybersecurity Framework Takes a Cajoling Tone

Last week the White House unveiled its much-anticipated framework for cybersecurity aimed at persuading financial, energy, and other critical infrastructure companies to further bolster their network protections against cyber- attacks. The measured tone of the guidance and accompanying statements by officials is a stark contrast to the Obama Administration’s aggressive posture at the onset of the initiative.

The Framework for Improving Critical Infrastructure Cybersecurity is the product of a year-long effort led by the National Institute of Standards and Technology (NIST) initiated by President Barack Obama’s Executive Order 13636, “Improving Critical Infrastructure Cybersecurity,” on February 12, 2013. While the release came within the Obama’s specified time frame initial news reaction was that the framework was much weaker than what he promised a year ago. The White House’s promotion voluntary standards is a marked departure from the more regulatory approach it had pursued up to this point and in his published statement on its release the President said that much more work needs to be done.

Framework Overview

The Framework describes itself as a risk-based approach to managing cybersecurity risk and seeks to reinforce the connection between business drivers and cybersecurity activities. Its core is composed of three parts:

  • The Framework Core – a set of five cybersecurity functions—Identify, Protect, Detect, Respond, Recover, desired outcomes, and applicable references that are common across critical infrastructure sectors. The Core presents industry standards, guidelines, and practices in a manner that allows for communication of cybersecurity activities and outcomes across the organization from the executive level to the implementation/operations level.

  • Framework Implementation Tiers – describes the degree to which an organization’s cybersecurity risk management practices exhibit the characteristics defined in the Framework (e.g., risk and threat aware, repeatable, and adaptive) measured over a range, from Partial (Tier 1) to Adaptive (Tier 4), from informal to agile and risk-informed.

  • A Framework Profile – the alignment of current standards, guidelines, and practices to the Framework Core in a particular implementation scenario. Profiles can be used to identify opportunities for improving cybersecurity posture by comparing a “Current” Profile (the “as is” state) with a “Target” Profile (the “to be” state).

The remainder of the Framework defines cyber- risk management and further discusses the three Framework components, with examples of how the Framework can be used, and provides additional reference information relevant to implementation.

White House Event and DHS Program

The White House announced the Framework release with an event that featured speakers from several agencies and a panel of industry advocates that have worked closely with the administration on the issue. A key repeated theme throughout was the voluntary nature of the Framework, which may be a reaction to concerns that federal policy in this area would pursue a heavy-handed regulatory bent.

As part of the roll-out, The Department of Homeland Security Secretary Jeh Johnson announced the launch of their Critical Infrastructure Cyber Community C³ Voluntary Program, a public-private partnership aimed at aligning critical infrastructure owners and operators with existing resources that will help them adopt the Framework and manage their cyber risks.  The stated primary goals of the C³ Voluntary Program are to support industry in increasing cyber resilience, to increase awareness and use adoption of the Cybersecurity Framework, and encourage organizations to manage cybersecurity as part of an all hazards approach to enterprise risk management. In his remarks, Johnson said one aspect of the C-cubed program includes providing industry access to cyber- experts at DHS for consultation and advice at no cost.

Also at the event, Department of Commerce Secretary Penny Pritzker chaired a panel of supportive industry execs from AT&T, Lockheed Martin, and PEPCO to show their support for the White House’s efforts.  Among their comments, they emphasized the “good first step” aspect of the framework and that it is not a “cookie-cutter” approach. They also stressed the fact that “there are no truly private networks” as well as the need to understand exactly what actors and devices are connected to their networks.

White House Cyber Coordinator Michael Daniel closed out the event by highlighting the intent to continue to foster C-level engagement in order to keep the Framework a living document through NIST workshops, etc.; to address the regulatory aspects of the EO by streamlining and aligning existing regulations without issuing new ones; and to deal with the issue of incentives for industry to participate in the framework and related cyber- efforts.

Implications

In the industry panel discussion, AT&T’s Randall Stephenson commented that he sees huge opportunities within the cyber framework for big business. He and the others see the need for innovation in cybersecurity, including solutions that improve an organization’s situational awareness of their cyber- risk posture, training and education, policy development and enforcement, risk management, etc. It was unclear whether he meant up-side for cybersecurity vendors or potential for big firms to improve their cyber- risk poster, or both.

The potential cost of pursuing the government’s framework approach has been raised as an issue. In fact, an administration official noted that the federal government is going to “do its best to make the costs of using the framework lower, and the benefits of the framework higher…”

Cybersecurity opportunities that develop within the private critical infrastructure markets will complement the ongoing needs of federal agencies to secure their networks and improve their processes, especially in light of the continued challenges and failures of many agencies to lead by example.

---
Originally published for Federal Industry Analysis: Analysts Perspectives Blog. Discover more about 
GovWin FIA. Follow me on Twitter @GovWinSlye.

GovWin Recon - February 21, 2014

GovWin Recon, produced by Deltek's Federal Industry Analysis (FIA) team, is designed to support awareness and understanding of the issues impacting the government and the contractors that serve it. Recon highlights key developments surrounding government technology, policy, budget and vendor activities.

Headlines beginning with an * include quotes from Deltek analysts. 

 

Federal IT:

Agency News:

Vendor News:

Cybersecurity:

Cloud Computing / Data Center Consolidation / Virtualization:

Big Data / Analytics:

Defense / C4ISR / Embedded Technology:

Mergers and Acquisitions:

State and Local:

AEC News:

GovWin Recon is Deltek's daily newsletter highlighting federal government contracting news and analysis from around the government contracting world. Get it delivered to your e-mail inbox, free!

 

 

GovWin Recon - February 20, 2014

GovWin Recon, produced by Deltek's Federal Industry Analysis (FIA) team, is designed to support awareness and understanding of the issues impacting the government and the contractors that serve it. Recon highlights key developments surrounding government technology, policy, budget and vendor activities.

Headlines beginning with an * include quotes from Deltek analysts. 

Sequestration / Budget:

Federal IT:

Agency News:

Vendor News:

Cybersecurity:

Cloud Computing / Data Center Consolidation / Virtualization:

Mobility:

Defense / C4ISR / Embedded Technology:

Mergers and Acquisitions:

State and Local:

GovWin Recon is Deltek's daily newsletter highlighting federal government contracting news and analysis from around the government contracting world. Get it delivered to your e-mail inbox, free!

 

 

More Entries