GovWin
B2G is moving!
Blogs posted after May 22, 2015 will be located on Deltek's central blog page at www.deltek.com/blog.
Just select the "B2G Essentials" blog to continue to receive this valuable content.
GovWin Recon - May 30, 2014

GovWin Recon, produced by Deltek's Federal Industry Analysis (FIA) team, is designed to support awareness and understanding of the issues impacting the government and the contractors that serve it. Recon highlights key developments surrounding government technology, policy, budget and vendor activities.

Headlines beginning with an * include quotes from Deltek analysts. 

 

Federal IT:

Agency News:

Vendor News:

Cybersecurity:

Cloud Computing / Data Center Consolidation / Virtualization:

Defense / C4ISR / Embedded Technology:

Contracting / Acquisition:

Mergers and Acquisitions:

State and Local:

GovWin Recon is Deltek's daily newsletter highlighting federal government contracting news and analysis from around the government contracting world. Get it delivered to your e-mail inbox, free!

 

 

 

 

 

GovWin Recon - May 29, 2014

GovWin Recon, produced by Deltek's Federal Industry Analysis (FIA) team, is designed to support awareness and understanding of the issues impacting the government and the contractors that serve it. Recon highlights key developments surrounding government technology, policy, budget and vendor activities.

Headlines beginning with an * include quotes from Deltek analysts. 

Sequestration / Budget:

Federal IT:

Agency News:

Vendor News:

Cybersecurity:

Big Data / Analytics:

Defense / C4ISR / Embedded Technology:

Contracting / Acquisition:

Legislation:

Mergers and Acquisitions:

State and Local:

AEC News:

GovWin Recon is Deltek's daily newsletter highlighting federal government contracting news and analysis from around the government contracting world. Get it delivered to your e-mail inbox, free!

 

 

 

 

GovWin Recon - May 28, 2014

GovWin Recon, produced by Deltek's Federal Industry Analysis (FIA) team, is designed to support awareness and understanding of the issues impacting the government and the contractors that serve it. Recon highlights key developments surrounding government technology, policy, budget and vendor activities.

Headlines beginning with an * include quotes from Deltek analysts. 

 

Federal IT:

Agency News:

Vendor News:

Cybersecurity:

Cloud Computing / Data Center Consolidation / Virtualization:

Mobility:

Transparency and Performance:

Defense / C4ISR / Embedded Technology:

Contracting / Acquisition:

Legislation:

Mergers and Acquisitions:

State and Local:

AEC News:

GovWin Recon is Deltek's daily newsletter highlighting federal government contracting news and analysis from around the government contracting world. Get it delivered to your e-mail inbox, free!

 

 

 

 

 

2-Year Interagency Initiative Aims to Define and Integrate Secure Systems Engineering

Mid May 2014, the National Institute for Standards and Technology (NIST) released an initial public draft of guidance for secure systems engineering. The document is part of NIST’s 800 series of special publications, which provide computer security resources.

According to NIST fellow Ron Ross, “We need to have the same confidence in the trustworthiness of our IT products and systems that we have in the bridges we drive across or the airplanes we fly in.” To that end, computer security experts are working to incorporate security into IT systems through systems and software engineering principles. An initial set of guidelines has been released by NIST for public comment in the draft document Systems Security Engineering: An Integrated Approach to Building Trustworthy Resilient Systems. The ultimate objective, as the document puts it, is “to address security issues from a stakeholder requirements and protection needs perspective and to use established organizational processes to ensure that such requirements and needs are addressed early in and throughout the life cycle of the system.”

The process for developing the guidance has four stages. The phased approach of the initiative will allow the numerous stakeholders to focus their review and feedback on key elements of the engineering process as different parts of the guidance are developed. The current draft is part of the first stage of the guidance development process.

The secure systems engineering guidance produced by this process is intended to be applied to both public and private systems, including financial systems, critical infrastructure, and defense systems. Building on the federal cyber security strategy and information security efforts, the detailed guidelines pursue an objective of reducing the susceptibility of systems to threats. Taking a systems engineering approach allows security to be addressed at every stage of the lifecycle for new systems, upgrades, modifications, planned upgrades that result in a new system, systems-of-systems, and retiring systems.

 

Although security professionals are the primary target audience for the publication, the information may be of use to a range of roles throughout the system lifecycle. Specific examples of such roles include those with risk management or oversight responsibilities, acquisition and budgeting roles, systems design and integration roles, auditing and monitoring roles, as well as providers of products, systems, or services.  The 120 page draft document is available for review at http://csrc.nist.gov/publications/PubsDrafts.html#800-160. Public comments may be submitted to sec-cert@nist.gov through July 11, 2014.

-------------------------------------

 

Originally published for Federal Industry Analysis: Analysts Perspectives Blog. Stay ahead of the competition by discovering more about GovWinIQ. Follow me on twitter @FIAGovWin.

 

Could New Cybersecurity Acquisition Plans Disrupt Federal Procurements?

Growing concern over cybersecurity and vulnerabilities to cyber-attacks that would impact the supply chain of both military and civilian agencies has led the federal government to look for ways to build cyber-protections into the federal acquisition process. But some in industry are concerned that new proposals coming out of the Pentagon and GSA could be disruptive in their own right.

The joint DoD/GSA publication, Improving Cybersecurity and Resilience through Acquisition - Final Report of the Department of Defense and General Services Administration, is one component of the government-wide implementation of Executive Order 13636 and Presidential Policy Directive (PPD) 21, issued in February 2013 and both addressing improved critical infrastructure cybersecurity.

The report included six recommended reforms addressing cybersecurity and federal acquisitions:

  • Institute baseline cybersecurity requirements as a condition of contract award for appropriate acquisitions

  • Include cybersecurity in acquisition training

  • Develop common cybersecurity definitions for federal acquisitions

  • Institute a federal acquisition cyber risk management strategy

  • Include a requirement to purchase from original equipment manufacturers, their authorized resellers, or other trusted sources

  • Increase government accountability for cyber risk management

In the news release announcing the report release GSA Administrator, Dan Tangherlini noted that “the ultimate goal of the recommendations is to strengthen the federal government’s cybersecurity by improving management of the people, processes, and technology affected by the Federal Acquisition System.  GSA and DoD will continue to engage stakeholders to develop a repeatable process to address cyber risks in the development, acquisition, sustainment, and disposal lifecycles for all federal procurements.”

Industry Concerns

The report has been open for industry comment for a few months and several IT industry organizations have expressed concerns over the direction the DoD and GSA are taking, according to a recent account. Specifically, some in industry are concerned that assessing cyber-risk based primarily on the inherent risk of the purchased products or services (i.e. product category) creates additional issues because it ignores the larger risk environment surrounding their implementation and it adds complexity and ambiguity that will make it difficult to use by agencies. If implemented in its current form, it sounds like it could run the risk of “the law of unintended consequences.”

Implication

While the emphasis of the executive order is on using security standards to influence acquisition planning, contract administration, and to ultimately increase resiliency, agencies are also under pressure to improve the economy and efficiency of their IT acquisitions.  Agencies also struggle with delays to procurements due to changing or additional requirements as well as protests. How security and resiliency controls are added to the acquisition process will have direct implications for the complexity, speed and cost of completing procurements. 

Implementing good cybersecurity intentions is important, but it is equally important to implement them in the right way. Otherwise, agencies run the risk that some supply chain disruptions they experience could be self-inflicted.

---
Originally published in the GovWin FIA Analysts Perspectives Blog. Follow me on Twitter @GovWinSlye.

GSA’s 18F: “Hacking Bureaucracy”

In an environment that resembles more of a technology start-up than a government office, sixteen of industry and public sector’s brightest gather daily to develop software for their government clients.

 

Dubbed 18F, because of their location in GSA’s headquarters on 18th and F streets, these innovators and entrepreneurs attempt to improve the way agencies accomplish their missions.  18F was established in April of this year by GSA to accelerate innovation across the federal government, and includes the Presidential Innovation Fellows program and GSA’s digital delivery team.

 

According to Dan Tanherlini, GSA Administrator, “The mission of 18F is to make the government’s digital services simple, effective, and easier to use for the American people.  This service delivery program will make GSA the home of the government’s digital incubator.  By using lessons from our nation’s top technology startups, these public service innovators will be able to provide cutting-edge support for our federal partners that reduce cost and improve service.”

 

Greg Godbout and Noah Kunin, members of 18F, described their jobs in a recent blog as “hacking bureaucracy.”  Unlike criminal hackers, the 18F team’s work is “productively disruptive and curious.”   According to Godbout and Kunin, the term “hacker” in the software development community is not a malicious description, but one of a problem solver.  18F is attempting to integrate their agile style of software development into the broader federal community to drive long-term culture change.

 

18F held an inaugural Demo Day on May 9th, to introduce their mission and services to other federal agencies and the general public. 

 

The opening presentation by Greg Godbout on Hacking Bureaucracy described 18F’s purpose as to

  • Find innovators inside government 
  • Engage stakeholders and users 
  • Launch MVP to get started quickly 
  • Learn and Iterate 
  • Stay aligned with the rules of the bureaucracy 
  • Formalize the process/solution for reuse

During the Demo Day, various members of the 18F team presented projects they had worked on or were currently developing, such as FBOpen.gov, NotAlone.gov, innovation toolkit using Midas, and SAM.gov.

 

Tangherlini stated in an interview with the Washington Post in April that GSA was still determining how to measure success of 18F.  He said one measure would be whether or not agencies are using the products that 18F builds.  He went on to say,”…if agencies don’t want to buy it…then we’ll pull the plug and try something different.” 

 

More information on 18F can be found at 18f.gsa.gov or GSA’s news release regarding 18F.

 

 

Update on Defense Cloud Computing from the JIE Mission Partners Symposium

Recently the professional association AFCEA hosted a major conference at the Baltimore Convention Center on the future of the Defense Department’s Joint Information Environment.  The JIE, as it’s known in acronym land, is a major DoD effort to engineer a common operating environment for the Defense community.  This effort currently focuses on two areas: installing new network hardware equipment to boost bandwidth globally and implementing a Single Security Architecture that’s easier for the DoD to defend.  Improving security is a critical reason for implementing the JIE, but from a fiscal perspective enabling the Defense community to use a host of shared enterprise services via a unified infrastructure is perhaps the most important rationale.  Put simply, the DoD cannot afford business as usual given the expense of maintaining countless redundant applications in stovepiped environments.

In this context cloud computing plays an important role in the DoD’s plans.  Contrary to what one typically reads in the trade press, the DoD has not stood still when it comes to finding ways for Defense customers to employ cloud solutions.  Lieutenant General Ronnie Hawkins, Director of the Defense Information Systems Agency (DISA), set the tone early in the Symposium by blowing up the myth that his agency’s development of its own cloud environment, dubbed the milCloud, is an end-run around industry.  “[The] reality is,” Hawkins noted, “that more than 60% of milCloud is run by industry partners and more than 80% of the Defense Information Systems Network (DISN) is run by industry partners.”  In making this point, General Hawkins gave voice to something I’ve argued in this blog for more than a year; namely, that the DoD is making progress using cloud computing largely behind the scenes.

On the second day of the conference, John Hale, Chief of Strategic Planning for Enterprise Services at DISA, provided details on where opportunities in the milCloud might present themselves to cloud service providers.  Hale described enterprise services in the milCloud that DISA currently provides, including Defense Enterprise Email, the Defense Enterprise Portal Service, Defense Connect Online, and Enterprise Directory Services.  He noted, however, that hosting of these services in the future will not necessarily reside in the DISA’s Defense Enterprise Computing Centers (DECCs).

There is the potential of “more outsourcing to commercial partners coming,” Hale said; with the goal of making “blended use of enterprise services across the DoD,” including both commercial and DoD providers. 

The best example of this approach that Hale could provide is DEE, the hosting of which DISA intends to outsource to a commercial provider in the future.  Hale said industry should expect a “huge shift” to commercial providers over the next 2-3 years.  This shift will take place once current network consolidation efforts are completed to a satisfactory degree and once additional commercial providers receive the Authority to Operate (ATO) from DISA.  Lastly, concerning how commercial cloud services will be procured, Hale expects DISA will “use a multi-pronged approach” that leverages a revamped version of the Commercial Cloud Services Provider contract vehicle in tandem with various Blanket Purchase Agreements it awards.

In conclusion, although a little patience might be required, the opportunity looks good in the next few years for cloud service providers to compete for significant business at DISA.

 

GovWin Recon - May 27, 2014

GovWin Recon, produced by Deltek's Federal Industry Analysis (FIA) team, is designed to support awareness and understanding of the issues impacting the government and the contractors that serve it. Recon highlights key developments surrounding government technology, policy, budget and vendor activities.

Headlines beginning with an * include quotes from Deltek analysts. 

 

 

Federal IT:

Agency News:

Vendor News:

Cybersecurity:

Big Data / Analytics:

Mobility:

Defense / C4ISR / Embedded Technology:

Contracting / Acquisition:

State and Local:

AEC News:

GovWin Recon is Deltek's daily newsletter highlighting federal government contracting news and analysis from around the government contracting world. Get it delivered to your e-mail inbox, free!

 

 

CAD system, content management software top list of Chicago IT procurement opportunities

The city of Chicago, Illinois, released its most recent buying plan for the Q2 2014 – Q2 2015 period, which provides vendors an idea of what goods and services the city plans to procure over the next 15 months. The plan includes 242 possible procurement opportunities in areas such as work services, commodities, professional services, and small orders. This number is only a slight decrease from the 246 opportunities listed in the previous buying plan for Q4 2013 – Q1 2015.
 
Not surprisingly, construction opportunities dominated, accounting for 32.6 percent of projects listed, as shown in the figure below. The plan includes projects varying in value, from less than $10,000 to more than $20 million, allowing for companies of all sizes to become vendors for the city.

Source: Deltek
 
Of the 14 departments that have solicitations expected between now and Q2 2015, more than 55 percent of projects listed in the buying plan fall under the Water Management, Transportation, or Fleet & Facility Management departments. A majority of these projects are construction requirements valued at $1 million to $5 million. However, public library projects also have a strong presence, including an integrated library system valued at $1 million to $5 million, and a new website development opportunity.
 
While there are only nine Emergency Management and Communications projects included in the buying plan, three of them are in the $10 million to $20 million range, including a computer-aided dispatch (CAD) system. This project, which is expected to be solicited in Q1 2015, will replace the department’s current Northrop Grumman CAD system.
 
The Innovation and Technology Department has five solicitations planned through Q2 2015, though a number of projects in other departments have IT aspects included as part of their requirements. The largest project coming out of the Innovation and Technology Department is a content management and process modernization program (CMPM). While the specific details of the CMPM solicitation are not yet known, the CMPM division of Innovation and Technology oversees the city's content management systems and has a goal of reducing paper operations by 2017 while streamlining overlapping business processes for the city.
 
Nearly 48 percent of the opportunities listed in the buying plan are valued at $1 million to $10 million, while the majority of big-ticket projects are construction requirements. However, there are eight projects that the city anticipates will cost more than $20 million, including a water utility billing project that will require IT professional services.

Source: Deltek
 
The city has also included 14 projects with small business set-asides of two types: Small Business Initiative (SBI) and Target Market. The SBI is a construction program the city established in order to augment the projects awarded to local small businesses. The city reports that 30 contracts valued at nearly $50 million have been awarded under the SBI program. Target Market opportunities are directed to minority businesses, including women-owned businesses. The plan includes five Target Market opportunities, including an Innovation and Technology master consulting agreement for IT professional services.
 
Vendors can expect to see the greatest amount of these opportunities procured during 2014. However, Chicago does tend to roll over its projects from one buying plan to the next, so don’t be surprised if a project listed in the current plan is delayed until the next one, or even further. Since 2011, the city has only issued between 140 and 175 solicitations in any 15-month period, meaning that 65 to 100 projects listed in the buying plan will not be procured during this cycle.
 
In addition, not all of the opportunities listed in the plan are guaranteed to be solicited. As is the case with many projects, sometimes the owning agency reprioritizes projects or decides a requirement can be met using internal resources. In other situations, funding can’t be secured and a project is canceled. Deltek has seen opportunities included in buying plans continue to be pushed out for up to two years, and in several occasions they have been canceled.
 
While it can be used as a guide to develop strategies for doing business with the city, it’s also important to keep in mind that not all solicitations that are released by the city come from the buying plan. For example, in 2013, of the 11 solicitations that Deltek considers IT the primary requirement, only four were listed in any of the procurement forecasts released by the city. So, if you don’t see any projects of interest in the plan, be assured there are other opportunities available. 
 
You can learn more about current procurement opportunities in Chicago in the GovWin IQ State and Local Opportunities database. Not a Deltek subscriber? Click here to learn more about Deltek's GovWin IQ service and gain access to a free trial

 

 

 

GovWin Recon - May 23, 2014

GovWin Recon, produced by Deltek's Federal Industry Analysis (FIA) team, is designed to support awareness and understanding of the issues impacting the government and the contractors that serve it. Recon highlights key developments surrounding government technology, policy, budget and vendor activities.

Headlines beginning with an * include quotes from Deltek analysts. 

Sequestration / Budget:

Federal IT:

Agency News:

Vendor News:

Cybersecurity:

Transparency and Performance:

Defense / C4ISR / Embedded Technology:

Contracting / Acquisition:

Legislation:

Mergers and Acquisitions:

State and Local:

GovWin Recon is Deltek's daily newsletter highlighting federal government contracting news and analysis from around the government contracting world. Get it delivered to your e-mail inbox, free!

 

 

 

More Entries